urlscan.io logo urlscan.io
SecurityTrails logo

pinoytambayansteleserye.su Open in urlscan Pro
195.154.207.225  Public Scan

Go To Rescan Add Verdict Report
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Submission: On October 26 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 57 IPs in 4 countries across 82 domains to perform 1307 HTTP transactions. The main IP is 195.154.207.225, located in France and belongs to Online SAS, FR. The main domain is pinoytambayansteleserye.su.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 29th 2021. Valid for: 3 months.
This is the only time pinoytambayansteleserye.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
38 195.154.207.225 12876 (Online SAS)
14 172.217.16.138 15169 (GOOGLE)
2 142.250.186.99 15169 (GOOGLE)
2 157.240.20.19 32934 (FACEBOOK)
6 142.250.185.238 15169 (GOOGLE)
4 93.184.220.66 15133 (EDGECAST)
2 2.21.141.169 16625 (AKAMAI-AS)
2 151.101.0.84 54113 (FASTLY)
2 104.244.42.72 13414 (TWITTER)
1 142.250.185.141 15169 (GOOGLE)
11 11 172.67.190.56 13335 (CLOUDFLAR...)
11 104.26.9.222 13335 (CLOUDFLAR...)
25 172.217.23.100 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
363 172.67.151.84 13335 (CLOUDFLAR...)
11 142.250.184.233 15169 (GOOGLE)
40 172.66.40.190 13335 (CLOUDFLAR...)
77 142.250.185.98 15169 (GOOGLE)
11 172.217.23.99 15169 (GOOGLE)
70 142.250.186.130 15169 (GOOGLE)
22 104.16.87.20 13335 (CLOUDFLAR...)
66 37.252.172.249 29990 (ASN-APPNEX)
34 216.58.212.130 15169 (GOOGLE)
22 2.18.232.130 16625 (AKAMAI-AS)
4 142.250.74.194 15169 (GOOGLE)
26 142.250.185.66 15169 (GOOGLE)
30 142.250.185.65 15169 (GOOGLE)
15 34.95.89.54 ()
102 104.26.10.209 13335 (CLOUDFLAR...)
79 142.250.185.225 ()
19 142.250.185.226 ()
1 31.186.14.221 ()
1 136.243.207.61 ()
2 2 69.173.144.165 ()
2 100 142.250.185.130 ()
5 178.162.133.149 ()
3 3 18.66.112.34 ()
5 5 2.18.235.93 ()
3 4 34.96.105.8 ()
6 142.250.185.198 ()
1 2 91.228.74.226 ()
5 5 18.192.95.190 ()
4 4 37.157.6.252 ()
4 4 151.101.130.49 ()
4 13.248.242.197 ()
4 4 213.155.156.166 ()
2 4 72.251.244.140 ()
3 3 35.190.0.66 ()
3 3 52.18.203.148 ()
4 4 81.222.128.215 ()
2 52.49.74.33 ()
4 174.137.133.49 ()
2 2 217.66.147.170 ()
1 1 213.87.44.187 ()
4 4 3.120.29.221 ()
1 1 185.29.132.241 ()
1 1 85.114.159.93 ()
1 1 193.0.160.129 ()
4 4 135.125.160.77 ()
3 3 54.93.162.63 ()
5 5 3.126.56.137 ()
1 1 54.93.151.69 ()
2 2 35.186.193.173 ()
2 2 44.194.225.67 ()
3 3 216.52.2.30 ()
3 3 76.223.111.18 ()
5 217.79.188.11 ()
2 217.79.188.9 ()
1 1 169.50.137.190 ()
2 2 35.210.53.219 ()
2 35.212.101.174 ()
1 2 104.18.12.5 ()
2 2 213.19.147.44 ()
2 52.199.44.14 ()
16 172.67.74.129 ()
1 3 34.102.128.115 ()
1 64.158.223.140 ()
2 2 50.31.142.191 ()
2 2 54.175.198.118 ()
1 31.220.27.134 ()
1 1 108.174.11.37 ()
2 2 66.155.71.25 ()
1 1 159.65.196.12 ()
2 2 139.162.78.222 ()
4 4 193.232.148.156 ()
4 4 142.250.184.198 ()
2 7 104.111.239.217 ()
2 148.251.139.77 ()
2 35.187.117.15 ()
3 46.236.13.147 ()
4 4 35.186.253.211 ()
1 18.66.97.9 ()
1 1 213.133.107.215 ()
1 2 195.201.218.101 ()
1307 57
38    195.154.207.225 (France)

ASN12876 (Online SAS, FR)
PTR: 195-154-207-225.rev.poneytelecom.eu
pinoytambayansteleserye.su
tvking.net
14    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net
fonts.googleapis.com
2    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
fonts.gstatic.com
2    157.240.20.19 (United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
6    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
apis.google.com
4    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2.21.141.169 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com
assets.pinterest.com
2    151.101.0.84 (United States)

ASN54113 (FASTLY, US)
widgets.pinterest.com
log.pinterest.com
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.185.141 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f13.1e100.net
accounts.google.com
11    172.67.190.56 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.dramacool.so
11    104.26.9.222 (United States)

ASN13335 (CLOUDFLARENET, US)
asianembed.com
25    172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net
www.google.com
1    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
ssl.gstatic.com
363    172.67.151.84 (United States)

ASN13335 (CLOUDFLARENET, US)
sorrelma.com
11    142.250.184.233 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f9.1e100.net
www.blogger.com
40    172.66.40.190 (United States)

ASN13335 (CLOUDFLARENET, US)
api.adinplay.com
77    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
11    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net
www.gstatic.com
70    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
22    104.16.87.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
66    37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
34    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
22    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
adservice.google.de
26    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
adservice.google.com
30    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
15    34.95.89.54 (None, )

ASN- ()
prod-rtb.ad4mat.net
102    104.26.10.209 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
79    142.250.185.225 (None, )

ASN- ()
tpc.googlesyndication.com
19    142.250.185.226 (None, )

ASN- ()
www.googletagservices.com
1    31.186.14.221 (None, )

ASN- ()
cdn.theadx.com
1    136.243.207.61 (None, )

ASN- ()
app.theadx.com
2    69.173.144.165 (None, )

ASN- ()
pixel.rubiconproject.com
100    142.250.185.130 (None, )

ASN- ()
cm.g.doubleclick.net
5    178.162.133.149 (None, )

ASN- ()
sync.go.sonobi.com
3    18.66.112.34 (None, )

ASN- ()
s.ad.smaato.net
5    2.18.235.93 (None, )

ASN- ()
cs.media.net
4    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
6    142.250.185.198 (None, )

ASN- ()
s0.2mdn.net
2    91.228.74.226 (None, )

ASN- ()
cms.quantserve.com
5    18.192.95.190 (None, )

ASN- ()
x.bidswitch.net
4    37.157.6.252 (None, )

ASN- ()
c1.adform.net
4    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
4    13.248.242.197 (None, )

ASN- ()
match.adsrvr.org
4    213.155.156.166 (None, )

ASN- ()
d5p.de17a.com
4    72.251.244.140 (None, )

ASN- ()
tracking.m6r.eu
3    35.190.0.66 (None, )

ASN- ()
ads.travelaudience.com
3    52.18.203.148 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
4    81.222.128.215 (None, )

ASN- ()
ssp.adriver.ru
2    52.49.74.33 (None, )

ASN- ()
ads.yieldmo.com
4    174.137.133.49 (None, )

ASN- ()
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    217.66.147.170 (None, )

ASN- ()
sm.rtb.mts.ru
1    213.87.44.187 (None, )

ASN- ()
tech.rtb.mts.ru
4    3.120.29.221 (None, )

ASN- ()
pm.w55c.net
1    185.29.132.241 (None, )

ASN- ()
sync.mathtag.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    193.0.160.129 (None, )

ASN- ()
a.rfihub.com
4    135.125.160.77 (None, )

ASN- ()
c.eu1.dyntrk.com
3    54.93.162.63 (None, )

ASN- ()
pixel.advertising.com
5    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
1    54.93.151.69 (None, )

ASN- ()
match.sharethrough.com
2    35.186.193.173 (None, )

ASN- ()
gcm.ctnsnet.com
2    44.194.225.67 (None, )

ASN- ()
fksnk.com
3    216.52.2.30 (None, )

ASN- ()
ap.lijit.com
3    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
5    217.79.188.11 (None, )

ASN- ()
imagesrv.adition.com
2    217.79.188.9 (None, )

ASN- ()
ad3.adfarm1.adition.com
1    169.50.137.190 (None, )

ASN- ()
um.simpli.fi
2    35.210.53.219 (None, )

ASN- ()
pool.admedo.com
2    35.212.101.174 (None, )

ASN- ()
cs.chocolateplatform.com
2    104.18.12.5 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
2    213.19.147.44 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    52.199.44.14 (None, )

ASN- ()
cc.adingo.jp
16    172.67.74.129 (None, )

ASN- ()
ad4m.at
3    34.102.128.115 (None, )

ASN- ()
g.rtbrain.app
1    64.158.223.140 (None, )

ASN- ()
dclk-match.dotomi.com
2    50.31.142.191 (None, )

ASN- ()
b1sync.zemanta.com
2    54.175.198.118 (None, )

ASN- ()
sync.srv.stackadapt.com
1    31.220.27.134 (None, )

ASN- ()
s.kadxin.net
1    108.174.11.37 (None, )

ASN- ()
px.ads.linkedin.com
2    66.155.71.25 (None, )

ASN- ()
pixel-sync.sitescout.com
1    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
2    139.162.78.222 (None, )

ASN- ()
a.c.appier.net
4    193.232.148.156 (None, )

ASN- ()
px.adhigh.net
4    142.250.184.198 (None, )

ASN- ()
ad.doubleclick.net
7    104.111.239.217 (None, )

ASN- ()
www.awin1.com
2    148.251.139.77 (None, )

ASN- ()
banner.congstar.de
2    35.187.117.15 (None, )

ASN- ()
neso.r.niwepa.com
3    46.236.13.147 (None, )

ASN- ()
track.webgains.com
4    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
1    18.66.97.9 (None, )

ASN- ()
analytics.webgains.io
1    213.133.107.215 (None, )

ASN- ()
campaign.mobility-ads.de
2    195.201.218.101 (None, )

ASN- ()
www.autohaus-koenig.de
Apex Domain
Subdomains		 Transfer
363 sorrelma.com
sorrelma.com
10 MB
186 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net Failed
ad.doubleclick.net
2 MB
186 googlesyndication.com
pagead2.googlesyndication.com
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
tpc.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
2 MB
118 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
1 MB
88 adnxs.com
ib.adnxs.com
acdn.adnxs.com
551 KB
58 google.com
apis.google.com
accounts.google.com
www.google.com
adservice.google.com
142 KB
40 adinplay.com
api.adinplay.com
2 MB
26 google.de
adservice.google.de
4 KB
22 jsdelivr.net
cdn.jsdelivr.net
29 KB
22 tvking.net
tvking.net
374 KB
19 googletagservices.com
www.googletagservices.com
694 KB
16 pinoytambayansteleserye.su
pinoytambayansteleserye.su
163 KB
15 ad4mat.net
prod-rtb.ad4mat.net
78 B
14 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
www.gstatic.com
49 KB
14 googleapis.com
fonts.googleapis.com
6 KB
11 blogger.com
www.blogger.com
6 KB
11 asianembed.com
asianembed.com
383 KB
11 dramacool.so
embed.dramacool.so
3 KB
8 adition.com
dsp.adfarm1.adition.com
imagesrv.adition.com
ad3.adfarm1.adition.com
16 KB
8 yahoo.com
pr-bh.ybp.yahoo.com Failed
ups.analytics.yahoo.com
8 KB
7 awin1.com
www.awin1.com
5 KB
6 2mdn.net
s0.2mdn.net
909 B
6 twitter.com
platform.twitter.com
syndication.twitter.com
148 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 media.net
cs.media.net
5 KB
5 sonobi.com
sync.go.sonobi.com
2 KB
4 openx.net
rtb.openx.net
1 KB
4 adhigh.net
px.adhigh.net
2 KB
4 dyntrk.com
c.eu1.dyntrk.com
2 KB
4 w55c.net
pm.w55c.net
4 KB
4 adriver.ru
ssp.adriver.ru
1 KB
4 m6r.eu
tracking.m6r.eu
4 KB
4 adsrvr.org
match.adsrvr.org
1 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 blismedia.com
tr.blismedia.com
1 KB
4 adform.net
c1.adform.net Failed
2 KB
4 de17a.com
d5p.de17a.com Failed
1 KB
4 pinterest.com
assets.pinterest.com
widgets.pinterest.com
log.pinterest.com
20 KB
3 webgains.com
track.webgains.com
29 KB
3 rtbrain.app
g.rtbrain.app
940 B
3 3lift.com
eb2.3lift.com
1 KB
3 lijit.com
ap.lijit.com
2 KB
3 advertising.com
pixel.advertising.com
1 KB
3 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
2 KB
3 travelaudience.com
ads.travelaudience.com
1 KB
3 smaato.net
s.ad.smaato.net
1 KB
2 autohaus-koenig.de
www.autohaus-koenig.de
112 B
2 niwepa.com
neso.r.niwepa.com
950 B
2 congstar.de
banner.congstar.de
1 KB
2 sitescout.com
pixel-sync.sitescout.com
977 B
2 adkernel.com
dsp.adkernel.com
466 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 chocolateplatform.com
cs.chocolateplatform.com
95 B
2 admedo.com
pool.admedo.com
716 B
2 fksnk.com
fksnk.com
1 KB
2 ctnsnet.com
gcm.ctnsnet.com
882 B
2 adingo.jp
cc.adingo.jp Failed
87 B
2 e-volution.ai
rtb2-useast.e-volution.ai
466 B
2 yieldmo.com
ads.yieldmo.com
69 B
2 appier.net
a.c.appier.net Failed
1 KB
2 quantserve.com
cms.quantserve.com
800 B
2 zemanta.com
b1sync.zemanta.com Failed
1 KB
2 rubiconproject.com
pixel.rubiconproject.com
918 B
2 stackadapt.com
sync.srv.stackadapt.com Failed
736 B
2 theadx.com
cdn.theadx.com
app.theadx.com
111 KB
2 facebook.net
connect.facebook.net
78 KB
1 mobility-ads.de
campaign.mobility-ads.de
469 B
1 webgains.io
analytics.webgains.io
51 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
565 B
1 linkedin.com
px.ads.linkedin.com
815 B
1 kadxin.net
s.kadxin.net
142 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
582 B
1 1rx.io
sync.1rx.io
697 B
1 simpli.fi
um.simpli.fi
510 B
1 sharethrough.com
match.sharethrough.com
358 B
1 rfihub.com
a.rfihub.com
1 KB
1 mathtag.com
sync.mathtag.com
706 B
0 o2online.de Failed
partner.o2online.de Failed
0 blau.de Failed
partner.blau.de Failed
0 turn.com Failed
ad.turn.com Failed
0 pubmatic.com Failed
image6.pubmatic.com Failed
1307 82
Domain Requested by
363 sorrelma.com tvking.net
sorrelma.com
100 cm.g.doubleclick.net sorrelma.com
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
pinoytambayansteleserye.su
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
79 tpc.googlesyndication.com af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
77 pagead2.googlesyndication.com sorrelma.com
pagead2.googlesyndication.com
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
www.googletagservices.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
pinoytambayansteleserye.su
tpc.googlesyndication.com
70 securepubads.g.doubleclick.net api.adinplay.com
securepubads.g.doubleclick.net
pinoytambayansteleserye.su
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
66 ib.adnxs.com api.adinplay.com
acdn.adnxs.com
46 ad4m.at as.ad4m.at
ad4m.at
43 as.ad4m.at af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
as.ad4m.at
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
ad4m.at
40 api.adinplay.com sorrelma.com
api.adinplay.com
29 assets.ad4m.at as.ad4m.at
26 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
26 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
25 www.google.com apis.google.com
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
tpc.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
22 acdn.adnxs.com api.adinplay.com
22 cdn.jsdelivr.net api.adinplay.com
22 tvking.net pinoytambayansteleserye.su
tvking.net
19 www.googletagservices.com af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
16 pinoytambayansteleserye.su pinoytambayansteleserye.su
15 prod-rtb.ad4mat.net pinoytambayansteleserye.su
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
14 fonts.googleapis.com pinoytambayansteleserye.su
sorrelma.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
11 www.gstatic.com www.blogger.com
11 www.blogger.com tvking.net
11 asianembed.com tvking.net
11 embed.dramacool.so 11 redirects
7 www.awin1.com 2 redirects as.ad4m.at
6 s0.2mdn.net 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
6 apis.google.com pinoytambayansteleserye.su
apis.google.com
accounts.google.com
5 imagesrv.adition.com tracking.m6r.eu
pinoytambayansteleserye.su
imagesrv.adition.com
5 ups.analytics.yahoo.com 5 redirects
5 x.bidswitch.net 5 redirects
5 cs.media.net 5 redirects
5 sync.go.sonobi.com af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
4 rtb.openx.net 4 redirects
4 ad.doubleclick.net 4 redirects
4 px.adhigh.net 4 redirects
4 c.eu1.dyntrk.com 4 redirects
4 pm.w55c.net 4 redirects
4 ssp.adriver.ru 4 redirects
4 tracking.m6r.eu 2 redirects bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
4 match.adsrvr.org 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
4 sync-tm.everesttech.net 4 redirects
4 tr.blismedia.com 3 redirects 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
4 c1.adform.net sorrelma.com
4 d5p.de17a.com sorrelma.com
4 platform.twitter.com pinoytambayansteleserye.su
platform.twitter.com
3 track.webgains.com as.ad4m.at
3 g.rtbrain.app 1 redirects f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
pinoytambayansteleserye.su
3 eb2.3lift.com 3 redirects
3 ap.lijit.com 3 redirects
3 pixel.advertising.com 3 redirects
3 ads.travelaudience.com 3 redirects
3 pr-bh.ybp.yahoo.com 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
3 s.ad.smaato.net 3 redirects
3 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.autohaus-koenig.de 1 redirects as.ad4m.at
2 neso.r.niwepa.com as.ad4m.at
2 banner.congstar.de as.ad4m.at
2 pixel-sync.sitescout.com 2 redirects
2 dsp.adkernel.com 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
2 cs.chocolateplatform.com bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
2 pool.admedo.com 2 redirects
2 ad3.adfarm1.adition.com tracking.m6r.eu
ad3.adfarm1.adition.com
2 fksnk.com 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 cc.adingo.jp f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
2 sm.rtb.mts.ru 2 redirects
2 rtb2-useast.e-volution.ai 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
2 ads.yieldmo.com 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
2 a.c.appier.net f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
2 cms.quantserve.com 1 redirects f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
2 b1sync.zemanta.com 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
2 pixel.rubiconproject.com 2 redirects
2 sync.srv.stackadapt.com af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
2 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 syndication.twitter.com platform.twitter.com
pinoytambayansteleserye.su
2 assets.pinterest.com pinoytambayansteleserye.su
assets.pinterest.com
2 connect.facebook.net pinoytambayansteleserye.su
connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
1 campaign.mobility-ads.de 1 redirects
1 analytics.webgains.io track.webgains.com
1 match.adsby.bidtheatre.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 s.kadxin.net pinoytambayansteleserye.su
1 dclk-match.dotomi.com 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.1rx.io 1 redirects
1 s.tribalfusion.com sorrelma.com
1 a.tribalfusion.com 1 redirects
1 um.simpli.fi 1 redirects
1 match.sharethrough.com 1 redirects
1 a.rfihub.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com 1 redirects
1 tech.rtb.mts.ru 1 redirects
1 app.theadx.com 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
1 cdn.theadx.com 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
1 log.pinterest.com pinoytambayansteleserye.su
1 ssl.gstatic.com accounts.google.com
1 accounts.google.com apis.google.com
1 widgets.pinterest.com assets.pinterest.com
0 partner.o2online.de Failed as.ad4m.at
0 partner.blau.de Failed as.ad4m.at
0 ad.turn.com Failed f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
0 image6.pubmatic.com Failed sorrelma.com
1307 114

This site contains links to these domains. Also see Links.

Domain
www.pinterest.com
www.reddit.com
Subject Issuer Validity Valid
pinoytambayansteleserye.su
cPanel, Inc. Certification Authority		 2021-08-29 -
2021-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tvking.net
cPanel, Inc. Certification Authority		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-04 -
2021-11-02		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
asianembed.com
Cloudflare Inc ECC CA-3		 2021-10-19 -
2022-10-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-24 -
2022-06-23		 a year crt.sh
*.blogger.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
adinplay.com
Cloudflare Inc ECC CA-3		 2021-07-22 -
2022-07-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-10-22 -
2022-01-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.theadx.com
RapidSSL RSA CA 2018		 2020-02-10 -
2022-03-11		 2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
m6r.eu
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2021-09-13 -
2022-10-14		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2021-04-15 -
2022-05-17		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2021-05-21 -
2022-06-22		 a year crt.sh
chocolateplatform.com
GTS CA 1D4		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh
g.rtbrain.app
GTS CA 1D4		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
kadxin.net
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
*.congstar.de
TeleSec ServerPass Class 2 CA		 2021-05-18 -
2022-05-23		 a year crt.sh
*.r.niwepa.com
AlphaSSL CA - SHA256 - G2		 2021-03-15 -
2022-04-16		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
autohaus-koenig.de
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh

This page contains 195 frames:

Primary Page: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Frame ID: 76519A9DFFB8C5B2CC80FC115678CE75
Requests: 32 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=bFR2enpnQnpaK3BJcDJ1dFpyV2dqdz09
Frame ID: B7AB95C676450596F16609E243A12B09
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=RWlpUG8xQW5mZzJUTG9aYS9TWWpWUT09
Frame ID: 5EAB499A3817FF5DE7B8C241364A76AB
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=U3VqU0srTlhSRk5obUNURjBaWllMUT09
Frame ID: 64F68963CEC3FC6D387559D2DD6C9CF9
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=eGNKcDRES3FLSzRISDVYM0FEZDVvUT09
Frame ID: 25CE46D23ECF1F0956E0BDD0802610FA
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=Tlg3T3ZkUWRFY01PUXBNWlRVNWNNUT09
Frame ID: C4F3234CD4FE82A21229A7A7419C8358
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=K2x0M2Q3aXVnR1AyRTVPdDBCL2VxUT09
Frame ID: F691EACD7E4217B79AE1BBB1A0030C77
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=QXF6WVZGMlFPWWNFeDZST1VlUXpKQT09
Frame ID: 8B236D8BFEDF237E2E3CF49D6D1336DD
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=a2FyNEFoYUJZQVRzaGZuNlpRMU5DZz09
Frame ID: 6B52838BF5A4065CD2E44860D8EBB7E3
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=N0xnVHdiVkl5VVN0VVpCMS9HQk8wUT09
Frame ID: 32BBBEEAC81146AE663F021B42FB7309
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=K3RlL2IvdmIycW5sQk1IRzZwQVpYZz09
Frame ID: 095F2D833EFED2DF99422FCE0D78B5FC
Requests: 3 HTTP requests in this frame

Frame: https://tvking.net/video.php?id=WURPNVFzeU5QQUtsTk5yT1dQWVIwdz09
Frame ID: AB4B03A669F8BEDEF66EF182871105D8
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpinoytambayansteleserye.su
Frame ID: 20985D586C1A906BD47988A5D8B3B736
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 59CF564E85C4744BD892C14FCA61A9AC
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Frame ID: 78691F2DA1B284DA300F2C263BFF331E
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Frame ID: 0D4F08467E55FEEB3B19166B0B64F6C1
Requests: 2 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: 60A886266E7457425FE2D6A11DE56E15
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dyWvTOnbljcDUDvVtPVxVN9ku_DvfH5tDuBf74sOPJ9qfWD5WpUXWtKmaV2viU0ERzyLSVZ1BfVf5Dq7Fm7MMeV0xW7wd77CJ75a4NN_sEBPfW-dDSGOU5WYmS06Dt91XV4j8ZD
Frame ID: 5D513E3672C6C719667C005ECB004E60
Requests: 2 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: 3226E3118498CFF1AF1E0990C321181A
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dwbo6WmQHoWlTRjvl8xjhThARiuHjrJTFnLvW401gQGqo5l-v_mvyxalZNXxqrK1tEiCeIA7setQvHHCv6yjgIaYYVK03C5tQU7SdUm7MtyjRyyfU-WtWZY7sfwNLyTApvOZk0
Frame ID: 4F9D36E236CD0CC4D5A04866B3275EEA
Requests: 2 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: 103F6F5F5CF1742417A65FE473C58443
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dy2V4Pr2u83-ANpjVMPvEGUg44Aoq_OUnsTzL9ty_Ypqnetmu8E2zCDBiwQQo1MkrHzsLsaOn2Df0MCHzeSA1HxC1USc55RnkLYU_HWjNKELvVZ9w3-EOZ3hS5TXmMAPayNRNkw
Frame ID: 7A346EC9C2FB90F3FCD933C6E005F853
Requests: 2 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: C9ED569870A9127280CD2E70C2905BAA
Requests: 1 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: 413A35279442BA2BDEAE432160C85979
Requests: 1 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: A6CD7FFCDA692601949530D7AF5EE6DF
Requests: 1 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: 94E6419EB1B8384B6B2F85B014452F53
Requests: 1 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: DCEA6883F8B1C4CAEF6C9497066D9C87
Requests: 1 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: DF8AFED4E509963CCEB16DBE5381D077
Requests: 1 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: 7B3690B03BFD5FEAE006B772FDCC792A
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dwxP2r0VzVZJOiHaYWOT5pF7hV52_dbHqHy9vN6mbVgYQUfGwlDe4hTClZuL6AKr1UmECAGRl6UZ3Hh9FrbY6HOjSs_TOChMvEfR0ll9nRYrWFSXgLknoDBsf2CtcqMy9hBVL4i
Frame ID: F8EA95649C3B6418D8F11FB0CB4C4B82
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dwA0HvO9ySrTA4AtnTmz6rg7pDmVi49eCSMfoAiCYVq5bGD4MrdyazUj1pySxr15OFEIQBmLCD8GWGqrbD78iUY9dC7YJRRkIyh_SkWhXS-g_C8C_at_CN8wiofN_tUj5R4KdM
Frame ID: FAEC45DEABEC5FE3549CDD3A5CDEE38E
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dyu-KDYiQjmrzsOv5XKYtVCe8iyczSnjMGwhCVgBCRQWv8Mt4EJlQuFtZHNmH_UpGZ3YfqXI8wSf1qD0EnaVbFp_V5XW8BVbE9FAIXTGBSgwT7pSedo4jIMNkVP735lFcSx9r0
Frame ID: 62700C06289993C8A7DC89828243F08D
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dxOziquq0qY23ht3patikEdWb-M4mcdu5vwv_9MvMME7iLKK229_DmigxG4BnRjjLWDdftCAlLeIaNMLHIf7Fj26cKz4w1KDxVLf4xTHEp9J25i9Rh72nnBQBwgmKNa-rKM0G3V
Frame ID: F817623EB32587B4C8B3085B7F13B937
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dzYtFM2KnRS7vtOZwJx9JW3NsSuamg-_-8CX2zBB8atVqL-f4Fj3dBj0cQ7kg8bfkvOmZl_zU50azldLUxv0UYOiMN8nq6az46LJCYwLbXyIXXsFqCdDT0Cna7RtiMAFq9b7UaS
Frame ID: F3F3A4BACD2815916C371C84F5B4A2AB
Requests: 2 HTTP requests in this frame

Frame: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Frame ID: A03A32496BB739F311BC13A3B8F64404
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dwO3cqciAyv5mT48Kc-GWghHqQxkL24ngctktDhTIHV-JJFmxYbzf40dAybudLmbkD1h3Cj-R9D71fC19ROhNfaV-GsebFWi2D8EnCGMR-DVMxDxDDoL5gTbh09xQJKM8Jfers
Frame ID: FD6536A97637DCD54E17E50E71BF0984
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dzFToud6eOwF6DDN_USuHvgzQ7lyQayXzWoZpEr_XMHSdVgBch07eiHeEvB49bNeIMoH-UhY5HrVRYjv6MKhjyTKTV5EM-WZyosM3tUQyIWVoY9yLNmzfkZM1fmfwzNuGsa4akb
Frame ID: D9B6DDB0630E3CAD5A7866B4BEE9030F
Requests: 2 HTTP requests in this frame

Frame: https://www.blogger.com/video.g?token=AD6v5dxqy7I0uiLMlz2vz-5QJwBFvf2BaDqL80icaKCXOxLU9GQSt7p91CVfkjF8DIbzsSoAJid-U5nxdBBe14M7Ycwgwn0Twp80t4QtC4nrSf8sjL-TESfe1nFG1Q0RKVNIk9_4P_Bf
Frame ID: B0E9A21DE35EE601B999EFF831C37E93
Requests: 2 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: ACD68D5581840D9923B8ED62822821AF
Requests: 51 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 8EA16803CBF72806C53603AFF951444F
Requests: 53 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 11E4E3D43CE6EFB3DC88497AE3416A3B
Requests: 54 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 2E7395A3EF4CE8E73C587ACF8C81CC4C
Requests: 53 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 99402F225F25CDAAED530746AB5F5416
Requests: 52 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 78935EB4A1303CD80B267DA3B4B4734D
Requests: 56 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 9C7CDADB56621589295FA098E85B92CC
Requests: 57 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: C4DCAB65993C8A54D1393B16C0290A86
Requests: 55 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: BAB508BEF0E2542FC587E7DCCA795791
Requests: 54 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: 7260AEA40511095D8FE451DC9310BFC2
Requests: 56 HTTP requests in this frame

Frame: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Frame ID: C14ACFB098D4D7E426E57DC214D7C625
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 0A9C19D5A7E7CC341E74EE45474AD4E8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1541995751883BC1F518640723DAAF94
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E8A7897D29A71F513F204D71DF92AD94
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 63E9DE77679F171725B6AC133FECF26C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9E62112A3D0AF847E2EE85E980739474
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223578&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805209&bpp=4&bdt=650&idt=1141&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=246032844071&frm=8&ife=1&pv=2&ga_vid=75252885.1635230806&ga_sid=1635230806&ga_hid=672280154&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062525%2C31062663%2C31063183&oid=2&pvsid=2261141832269456&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.7842lu6tkpf4&fsb=1&dtd=1154
Frame ID: 9C399ACA777DB1F47F84E5A22F9BE479
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223572&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805499&bpp=1&bdt=933&idt=869&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2570955413733&frm=8&ife=1&pv=2&ga_vid=1341641798.1635230806&ga_sid=1635230806&ga_hid=276536048&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063295%2C31062526%2C31063140&oid=2&pvsid=3355200543626438&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tnakrv33pedt&fsb=1&dtd=874
Frame ID: B872DB253253969D274D1D6A8B33EE36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223577&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805556&bpp=1&bdt=946&idt=829&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2177627242792&frm=8&ife=1&pv=2&ga_vid=901358038.1635230806&ga_sid=1635230806&ga_hid=1652268948&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062422&oid=2&pvsid=2143231000418624&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.kkk5w0qsuaga&fsb=1&dtd=835
Frame ID: 2C73FEBE0A9FD5B23E0D449B0C18FC3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=980219931&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805589&bpp=4&bdt=955&idt=820&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2600376283715&frm=8&ife=1&pv=2&ga_vid=1399544675.1635230806&ga_sid=1635230806&ga_hid=135499769&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=44752094%2C31062944%2C31063260%2C31062524%2C31063139&oid=2&pvsid=2094331154805026&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.wnamiar7qjok&fsb=1&dtd=831
Frame ID: 944ECB1B8642681407234B01DE1B170E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FE32DD639C94A190A3727356CE459B3E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A0914CD40E61D1184AE1E12C3AEB18E0
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8143776E6754A1B35A12E9543B222170
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2309FF6F95296C0A7DA13EECC9E6BEF4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223576&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805462&bpp=1&bdt=888&idt=1027&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=6996386346182&frm=8&ife=1&pv=2&ga_vid=210503027.1635230806&ga_sid=1635230806&ga_hid=809567159&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C31062525&oid=2&pvsid=2546505396439370&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.j3k40wr1ue8r&fsb=1&dtd=1032
Frame ID: C8DB1B6081EB41B16E7E8BC3F179A68C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223581&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805926&bpp=1&bdt=1276&idt=580&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=1544734014085&frm=8&ife=1&pv=2&ga_vid=1837983081.1635230807&ga_sid=1635230807&ga_hid=351039452&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063261%2C31062525&oid=2&pvsid=3761144809957779&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.gtufp1rt4llv&fsb=1&dtd=599
Frame ID: CFCD4F44DBB05204E48B30BB22E2709A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223580&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805935&bpp=2&bdt=1279&idt=598&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=3102704846844&frm=8&ife=1&pv=2&ga_vid=939484896.1635230807&ga_sid=1635230807&ga_hid=1399399062&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062525%2C31063182&oid=2&pvsid=3528714001232785&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.q8th962m7ha6&fsb=1&dtd=604
Frame ID: 8E07EAEA7DB25757120DA3B7BAAE4CA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223579&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A148096%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805490&bpp=1&bdt=910&idt=1060&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=84907730175&frm=8&ife=1&pv=2&ga_vid=67234239.1635230807&ga_sid=1635230807&ga_hid=2096104949&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062937%2C31062524%2C31062931&oid=2&pvsid=507165796166891&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.lboa865wo4uz&fsb=1&dtd=1066
Frame ID: 03B1819053AC5E13E79AC4A043E26563
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223582&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805531&bpp=3&bdt=927&idt=1036&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=5287322814176&frm=8&ife=1&pv=2&ga_vid=619093451.1635230807&ga_sid=1635230807&ga_hid=219653584&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062937%2C31063261&oid=2&pvsid=1063323530164287&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.2isqynhavrkz&fsb=1&dtd=1040
Frame ID: FA33E871C33FFD0B2E8DF8FCA04329D6
Requests: 1 HTTP requests in this frame

Frame: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 7933453CE11AB00C092E2D48FB3DB2AA
Requests: 1 HTTP requests in this frame

Frame: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: E6F95538FCFCF477F0B314EF7829D00B
Requests: 1 HTTP requests in this frame

Frame: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 071EB99BC84911513CB1732B818A4352
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223587&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805697&bpp=1&bdt=1054&idt=977&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=973025186595&frm=8&ife=1&pv=2&ga_vid=1035855769.1635230807&ga_sid=1635230807&ga_hid=582278695&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063261%2C21065725%2C31062526%2C44748552&oid=2&pvsid=556060901943839&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.fy07vsj8nfkk&fsb=1&dtd=983
Frame ID: 717AE33B45D95EE1E6F678A0C62D14F6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 70AD93078A7CAB6AF16A2C8969AD04FD
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 646FEA11115DB6EE99792CF490FBEFF6
Requests: 3 HTTP requests in this frame

Frame: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 5B086216E1C5EBB1CD92FCBBD0192DBE
Requests: 1 HTTP requests in this frame

Frame: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: ADD0203C65B0B0918F684D381AA9F0D7
Requests: 1 HTTP requests in this frame

Frame: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 1EE1A5BDBC5962595C11B47C7022D309
Requests: 9 HTTP requests in this frame

Frame: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: DAE007D22999131FAC604428BD42D8E3
Requests: 10 HTTP requests in this frame

Frame: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 5F8473FD4261B338147CFBEA7F931728
Requests: 1 HTTP requests in this frame

Frame: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: F72CB2EBB0D3E7A38E1A0E5B5912611C
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0BE9600454FD07E5E5E02ED4EAE29921
Requests: 3 HTTP requests in this frame

Frame: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 48C45511815AC8499169716CA3B4D4C0
Requests: 1 HTTP requests in this frame

Frame: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: B8B83BCAE7CEDD277D245A46C0D292BD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 89015422D319ECB2F7ECA56822A10503
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4D1E5D7E1F9211A237B97B9BB5EAAB5A
Requests: 3 HTTP requests in this frame

Frame: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 3C16DB236CC8F489CC1BC6A4DAC715F4
Requests: 9 HTTP requests in this frame

Frame: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 37292BC9802DC8D3989AD5321F668AD4
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E07A6D421EE0D0D03B342F87113A806D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7534185C1A0EB602911905BB63C73C1B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C53E1D369D964D817E6ECC40C4AE66CC
Requests: 3 HTTP requests in this frame

Frame: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 561756FA998761565E6516FD54B551AA
Requests: 1 HTTP requests in this frame

Frame: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: FC39969FC6184D5887E8D3F05C835D69
Requests: 1 HTTP requests in this frame

Frame: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: A465A40CE656A4E6C3085839AC9F66A3
Requests: 8 HTTP requests in this frame

Frame: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: DDF95B21D4B403CF8B1A6B20482867BC
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1021F04620852897B3C5FBC532B9CF10
Requests: 3 HTTP requests in this frame

Frame: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: CAE33282A8C6A10BC8684EA03618C47A
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jz13zh2xcmjryz5qmm1dwkxzb7e6ca1n6xjk78w134dyet66vg33ygv4yyq3e1ar7bsfqzgpjr3b7m0xw9ge8bjdzr1at434tyz1ckv27ar2yjs7s6z1gn2e2rmzzfvsqy4f2m6w0bvrgn07mmar683d29pvp5rnw4k003tm65nsm3w0hwvnrd084hvwjhf3tvhthhnak3zg6pweqzgccz0pdqtm20ksnk4qc732enzka7avyrq9y0hkqjmndwd7789nshva3dnyjrsarcvrs485xqmx9j38wpwee20w734vfd3r4kr4nyz6nexh0340b7cmzpcpgyhaamdwces1j7z655mxx3c71gd45cndk1j72hjp355ak99zj0n6dpt959csvrsje2v4wj4xw1vcr2ytztk2sp67bxp6yh5zjjradp564ka2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqGAOVqR3YazQKP2i7_UP2vSh4AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9CCV7OsUuoUoWL2L4fKmW6jLeLtVXfhLg6edSq2O2z6SVe7JnzZNoIy-e81dDKF4fzy6FBQ5a2dwFPtaLGwAkTUUQDq0pBYkKGQBDg4z7U-SgUdYnmbiaw36ubW1_fKzmX-lVxRZn7_g7B8VZi70fZLrTKH8gpAP9_CV3G2noBP8HbihRnfvsSzRawT5o6Ph9__keFLYuacpKKjZSSWhKi4ih3eY0v0-E4hgVYUP76EXtZvpJZ2Jd5r_RJ8Yvnw7_04HP6msQIC6rV7o-Bb8tFoKGAqYVUOaeu07aFJyISqSeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3z0_L-gk-2TBChM9Zv4oQxkqGCjA%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 0A8DBC21027709E6EA58AB40E889663B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFFCFAA615DD203F257B4FB4A0AC89C9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223583&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230806953&bpp=1&bdt=2167&idt=585&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=5831082390859&frm=8&ife=1&pv=2&ga_vid=897778963.1635230808&ga_sid=1635230808&ga_hid=1029041341&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062422%2C31062525&oid=2&pvsid=3264558835570243&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ebhvylb4scx7&fsb=1&dtd=592
Frame ID: 880BB6F3B58625CA2FC3837429EA61F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC3818239C5DD0A76066CABD09C3A094
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kqy7fz016egpbe9p2bk0fnzrjt65pyncnqmx4ey9rs0jck0eaavrrk58m0kekrth2gae6vta9n26tbkqgdh3mz2wr3jvqtsnaadv576ctv23n60mk1t9tr3y7hwrjr3mktzjnaqb74aejet6s9e5zphbhy32btet910fdpyxwpwkzd7c5vfesp48mwk1y7e319ab5fw9ejkjbaye1466q61kghqrhhkwf0wj2y512b0efw959yf56vynths2ve92zdngv20ehshes7t440b4d9d9ff8jsg9j4bz6396ytpkgnbekhnsh7xhj4en8cc3nafenz0n2bcwkbcw47gw87w80a0t7z5z485q5gxxsqbf0ehfv9gymy99hkv5975w5vsp508h8xt4cg7ay3cqhq89bxegryfapjmetqzxwxjf8kfnyy0kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy9zhVqR3YdbhK8vlgAfprqr4CpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0JJkxZNEEF01oxKY9ORRd-HvIGJnLmA7VBrS55eDJZ1HZj1mxgThz-eZ-BH2k8dBk9_4oOK1HlPH_DLhX8E0Okb2P9ijH-bwe4hZQ05DygYh_-x9vT1lc8xqTS02cj39R5afAFTTox5LpFX7j2hWmkLwN69EEkRrjsda8oHcbJnNjQL_L7bxke-krz6chJ0-Y4nF5tkp8TAmfdp47zGrz1COqW0APka9uUH2j9ofKN10d5dTkp2EycRAg3mrzeaT6TOQcrq_G90XDqhbtfStayknsdFYzzNgfZvnNWGoE2fB4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qq-pJMyRY3iK7ImfZoIkDdbeqJQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: FCB7BC03CF9541AD74362675F061AEA0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ACB5EA842F1FED19FF10176F1BEC5A86
Requests: 9 HTTP requests in this frame

Frame: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 085C01D2422369D453F5B1B17CEE0967
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1190F2ED77B1A70C457F2F95C9208997
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FC48AF16E723412D3A8EA2AFBC37A809
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k10vft8hdq14q9wkn98gcb4kjsh91vxprp87farzaayqhwkd806mgvan2j3q4mtzr9zvtrvv3qd2q1btjkz9wzyp9fwmwyztbegaqmkxcnnvx6a0n5xchztprq5b0sdzbdqfbda7bhchx9v9nkmhabrrrg2cnn0f44v4q8mfdztrtbz59019q8kst4ndncyaya96q5c53ztwxmkjhz6c67gp2bwbmzp84ez2rc138nekxn205b4kae2dk3e9ctwfazbcnw2zm50b38rwg0n1cey659ffaw8hxxpaq2fme2y64wr5yteysn74sstzdkdgtkwaegrfg0sj2fhdc2jhy5j4brvm4c12vvmrq988xcz5x7qrh2tz9kncv6fc0k25rg6k76wqxmkfe016jd2nm7wcwa7y07qwnk1qvr3tpynbc8fde2vr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2O_MVqR3Yb-hM82rgQfRlJ7oC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Bm66OrP0VW8XsoFKpIu2ax3Oob-Kga1dp6pMe-mEiQHMHY9vj-os_oVtdN5n6VOscqA5gC18iLjFWAAiusKHGV_Go_nfI1zAaQcQHmiY0HYEOdcUkW8e0wgutj4XIwNmPdMzs6Wj3O_t287EMiMK1zg34cAOOAblXaewVh6XjK1W7Qa9zi4d6yBbxrpf6f0M92uO-e9xeXW1_Px178VtJ0gBAl95apLXYevFGL6ziTNPRh0qxKvUQNnzInkavdm_xs-yRQxllqXFUYURhUpS4QsnAGGXXK5LnwATpSpkQ0H4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2CAula5xu4Iz4iCJtvBT2uo80Z0Q%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 3436D403493B0377972D375CF9E4DBDB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41EC32943F63E27CF01EDC82A584A2B6
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kgd5ar9t1qfq84satfrhzx0ztw8gkg8rx6j1hz043ykb0xjndnfv341c2qqsbcadhexr7dgaqbmq057tz116a04znkg66cq7b9570efm2da5hezzjmq2d3kwxhhw91d19tj7e4qnbpftgydd8g7wzzsavcaq1ee6hz94t2e626r1vys8zex7me7jz7hh86spgrb4er7r7c39ez31ekp7cd40f6eewtnjf1q39b0nw87m8nasj2725srhd9apdvbp61a3b87vf7sbz70jkx6bez84ada5swgyx3v8ecmzf3tvfj19sjpsg7rhwncqfbv920sgj94m6nvc6h0w7njzwdfsezknn1x256w4v2mcrn437dq9jzqsjgftkwyc8wbcpemkp4xvjrnwdc3rh87q6f4wh7pwkh8z348c3wkg6f27ccjz94gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDkpdVqR3Yeb2N-rO7_UP67qk6ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CLz3T7jhPROwYIB7xf7mWZbEokXOXH9mDRNKfJQbr8-CSq9qzWVgiOIEjefdBxLOVFPyYAy437YSJqQ4sMCAchNs-sAYPQXpBdLZzkBZOJ2pi2nJZ95z-ad6S28gp-614MbhF-MIXbUY8HIPAjcm1xCNCAoTlAK8ts9rj3qArp4fIHqjJ0AS-BB2DNp9SqfNRlRs26Nmaxn0-70QDjdkFCzBBWNAKEdAw2-nWZ1_qhtQXiR4DlHdu-GrUoZ9hyL_qcGRFQYg71deTuudh_4MTpJR7W1Vz80lrQwguhg-DQheAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vS1U8fFm0SOXJ4NQjQ3eauC1jpQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 75F6334AD22BAB882611857CA951D66D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DAA352A7FA6996150B8B9F20A3DBBCA
Requests: 9 HTTP requests in this frame

Frame: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: D75ACE8196870ABBC45BF14C4594D753
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: AAA9B5C597165156F3844499FE54C922
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AA8DF4A287FE249465DE28BA74C011A
Requests: 9 HTTP requests in this frame

Frame: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: D0735F09A62A955E63B28F279D5228DF
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kgr571q15v7a7m59qy5ddyk7ce9dt86px5grcbe5sef7s6jgqq9hxm8a2wt1p7y30yjkjd65pgwmdd0xyc3yvyh24s764srhqzv7yzmefk7paj3z7hd2kac0xpxsjkzbpv2sa0cayp9mc64x47njjdz4ma2svqmksegym8wn03djdmq6bejh108jvz9seev7340mb114rhj6gft0mvvgqh3rdarmy2nxbavz78z6gp1yzybfedrtedje5gnx4wzjqwvvkjqzdp60zvv0c4nqrev2f6074yqy7sswxgg58r3z60djkyjgh8xarn2s5byh50s9c28ch0wc744cxt7ekz92rnd2jhe8wtax5kktq9hbwtj0g5d7fwjd1wkeqeywe13tgf2xxxb3xxvhjwhhaqd81gx46xyd0j1cwgytyk28n3696450&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChp_AV6R3YcTxCfPg7_UP65O_6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9AErV1Ql1r9jSmzKwuoUmFqfykbCvBjnJHMaBbum72TL3ZHxWaAMQN98Q5wSI0FhZ329DPvUhsb_ze_fA7xqZF0MHEKnNtCuo1F2z2nFpHhx3YuHTv8PKth6-EvAgmivOnAx-oukRtcFTVyOaA-o4VatpgNLuJ1S6qgaKWzfeVvdMb6LI9oVj0SrCe5IWrD-UVy5L3QjlkS7RB9Arz7OeZI421aQFrVhaokgtRYbzNamt2bId4ogNLhD9FjZPU1KIg_35tN9UDuC68p_FjtNU-pXlA5asRNnZDqd2Y6F_MfPeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZFhRIXNzi9EZrE1ERMKxdhMM74g%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: B944030FD5E5660A67CF87CA9D28FBFE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9B0F4EC0E4254F779010426D61A8A37C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gm6enez85w06mzc576yzwzv7x2wrf4tqp1n74z2vhrynrn63c5q7xd2j8a2bcf7pfbkq50ymsn96ah2qqm3c4a23kwxd4tz70scq4y1pp04wytd1b5w4bh3grg9h0ban370h98798v605h106wzh37bvr37fnv165gt6bdk08tpya1wwnsxnvcgm9839xtfz5wj6j0kd1kdrzcnxc6bvnms0qjgnwffez1xfh24vhmcqqmxcy9b7bt3t7v8khj20tc5nn69gnwd9ykd65nyaesbmswa9t7rjadzbzq7z93by5f9p7d6xyy7vtmgnwpx2etp677envz3za1eatmz6njw28k05xr1sg6r3exypkjke7hz6mhcwwm5y36smh8rdg7xnt2yewaap7t0myea66y3bzgsvwes6sjemebvr4cqxq1ctr8sm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUZnV6R3Yc6cDNuV9u8P1Yy8wAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCxZ8zjLd3sz7gAgCoAwGqBOIBT9AMCdT9u9QnbG2tkd_t-FYEUcG47LLumiVf5hGgjqjMuaUvBuk-F1yk9mVRYUnY8yXWUN-HDL5MPF6gvcr2mXsLUdM48BLhPiaFhpco9AwCNuquI5nAczu9_Bnnev53HbXUixcyrfmDmzh31kKoCSZTsBmJPnF6k08SRpaPtf0q7215f24QhQDYxxMfsaSJjq8YHUn5wlMeQflBSUEZ6LUklbxcZdt6helP-lKHH1yORvbm2SRCZw6S1g54N3k4kbfoa9PWyGmDL5N89xl5Jho5IpiUaAjNHmAYD94kba0XJeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11xDzdiv0bdbQ5P9nTh0na6bERVA%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: E8C26A1874B51237DFB6E0C7522E4DFF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43368B6DD468A5752D0F466BF4585067
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 93CECD3064AB70635048138C5C89CECD
Requests: 3 HTTP requests in this frame

Frame: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: DF12141A9983B398CEDE1FEE36073D4F
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 70864F2E0A1204F4A07D664A9F9AE823
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jrsf3e0hyw39e401ecydtndakj74mnddzxws2dvm1n2ky99p9wh0mfsayydksmapt1q0eyagxfaehbd58hkzn80tg3jk3a9819n7vs2jdzr89njwr75zs4344mvfc49dbd4dsrjz7q3bq35dhy4caxmt4mmh6x15nym8qtysm7vgft53mf74z1ppcfe9k0smh20dvdxmzcj8s8y2cx931xsg6nvysbk0bk1p7xc4ceqqj1sz63cah1rnwg7ny3d19j70gsh517vx2d1d13da54cx4r6tjt7jt0gx9v7j39s70fcysatp39c1andh6kmgakh18p3vs872vynxxng474hjrans2v73vfb9x41hytdrgz96rs09ebe5cd90dbrbg70geapckv9ky2t1f5w3nrvk7hej7vbmkbtk0et0awaghh3acg9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpJ_3V6R3YaTjGuWV9u8Po-awwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9A-cU5EYiv9OwCr-Mons8ROEq4l3iyF1wTXtV1GBuH6pqKcS4mPy1rWKaIqtpYQpOGxJlsM0Wfd_pERa9IHyLMXrpf2NIZ7G404YsHZ4g6vT7NVU-TZYXhmYxp-iGpSbztjq6W3SUeZjg6V9mZCDq5gVSVjuCoYIS22J-r_rupU7mOCbhRqhUtkl3x96lZyJxMgnuMcpHuGB_Xz6K_GiJO5C4D_J_ddjXncoC2drBVy8hxB0mX3tqDpoqFuYStbIXPZOX86l8uokGEZn1DuExkRlrdOG9pmaFuKlDeEzyYkvuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fw4LrM6Zx0CEzTi8qrS34XndUKQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 9885808A6E6510A78E94A1DC32B9F69A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 150638A742058F6AFBB47F76FFF45397
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A180213469D5CB0398CDA31ED271DDEA
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A386385C9743A703D05F460DB9EC3A66
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3ED143F45B78E0F3EC31D19613640587
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 32BA640CA8F47F015911AB1E401BA926
Requests: 1 HTTP requests in this frame

Frame: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 8B28B57A8136EFC16FC0F5DE5CA5BB41
Requests: 8 HTTP requests in this frame

Frame: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: FBAD3C07FE55AF8080B08DA05564AA39
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 2951C4D01D6751325A73813F94AE25EC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D1E620EC95AC23D6989067279A043454
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 50B1087F559327F3EE3CCF581CFBC364
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0C360D2391CB1255DBC392D9AA2CDDA6
Requests: 1 HTTP requests in this frame

Frame: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 9F5FFE3DE9D810BEFB48A5971825AF99
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AFBA85F6954C6A60B2A45EFF85C5E478
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: ED024709174270AD03F0F9993EC85F6C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9EF3385EA761B4AF90D6B56CE5FB879E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 399D61EC3C21D7E9C0DE2B0B452467F6
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CAD2E14B384D0DE2172AF9C9A734F444
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: E82FFC00407CD9D1B2344B86A9E95B1C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BF5F753B247FBF350AB3DB3BCA945414
Requests: 9 HTTP requests in this frame

Frame: https://imagesrv.adition.com/js/adition.js
Frame ID: 0C47A82DDE3F4600AA5EB456C27EB4E5
Requests: 4 HTTP requests in this frame

Frame: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 38E28613C7538748CE1BED1232C88F20
Requests: 11 HTTP requests in this frame

Frame: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 376A53A62403622A4D25A5FCD16F58BC
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A6FDF5417271BC2E6459EB95D98A6A88
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14142F11201385C2912C5D2CF3BA5EAC
Requests: 2 HTTP requests in this frame

Frame: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 4F779EF742B83B421C589E38892C4EA3
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B924CF96860CA03AEC5F6194ED14B64C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 147056BBB7D11D524A098747F99A44BA
Requests: 2 HTTP requests in this frame

Frame: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: EF5FDA5B8CEED3D387C1D885FA9FA812
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 56917C1DEDBFA4078BF52B9827B7629A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 023B22E239BB987F151181795ABAFD69
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 050BFB42016DF157563083F363205CE6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8043DD59521CEB42AC71068DED7867A3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54BC8056C0B0D3A1D594400AC76CC07C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 08A83752E1424E29774C2872675898E4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B14D2C9F3243D1DF6A0BD8950AFC76F
Requests: 2 HTTP requests in this frame

Frame: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 52EF36047C6A24B5197374D3CBE4093C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 78A87C75F8BB8D0844563F4850684583
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A318F6D1D424C0027FD88AA6CB2AA2A
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AFF6DCBA56BCD1AA37D3B2FE3FFDC4A6
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: C5C2009CF6D1CFFC4907B7A67F7AF1E8
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57D4647945A482F797795AFE2A731EC8
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 8B0138F42B5974EDECFC6FBC72433699
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D015E6E05DBAC4409AFC5DAA9C1E0CC1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D
Frame ID: 51BAF05ABABC2FCCE3A0F1864746DDA4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2159704039DF5FB718F9904CBA6D41AF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EA6C4EAF830DE185E30BFEB9D6392784
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B43FF9C56FCFBC329EADF9685CA781B
Requests: 2 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: CB2CE0B955DFE158035330F327092062
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: 8021740CA8999D54EE418F2F94982A2C
Requests: 13 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 46F54E371EFC048313B1810040AFE851
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F011498CF1291D7711BAE08BF4F1D22F
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 582858D680A6AAB0AE550FD8C6D11233
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9A5B3F987E746F58DDB68694616DAAE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7C3D6F87011945ECE76174E0B7755891
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 40E296C80A2AF22C7A6C39235FB08A08
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C9F9D6E484AFE740467F29F1A7F6C57A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2FFF2B6FF024AF7AABCB14B34EB460D4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D47CA75F6A8616C5FEB79D098B957D39
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E3F798D1998EE9089AE97B1F48C052C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EEA6946FF4A2EFCCD498F2BC59F0D626
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A7835692E2EC5A2743079B61FA67906
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1A1225E35B1B9FB652A68BDE9DE15C84
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16467BE790E85045E26AFDA2A8EC393B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 06EE1A1929CF2D451844F4B83B73BEDF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 350350A7268E4122991FD26AAB483A0F
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: 7A5A49419103105B5C3E400FEF1D559B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 940B96A35BCA051500BD4D58D0E9F6CF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A35CCA40B8B05EC9CA0A1600704CAC05
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: 6F8E758DAB64F96EC60CC61A1BFCB600
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: 3FC2783360BE559D4C5CD73382800DFE
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: 44284C8FC1F1EB6575861198C22BD09E
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=56666%2C765%2C19840&b=9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2Td%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAGT7%2Cm3AsefGfARbfmHZHZtzt6rQtDTwTX8AfA&f=13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7MjfA%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQT9%2C7QZTqfzf16VCrHXHgtECkZ5SGT1Tr9ZuM&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=2239bd0826168675d51c52c5466b5264%2F9327653644529426845&i=22427%2C1676%2C22610&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810491&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kt1y4jt0nvh2jf6yr97v6f7j67xxjkx7dqa0a57be6eag1xwgcaxg3d5cegvf8c5kmew4s2jt7c3cg1wznb2n7atf6332yx50p12zxgwzaz6n707arzkvjyjaekdkqjxxk9f2hwmsqmgea6qkdzb0vzc4hqtw2yccnkvnrc5sg7sztdwmj9v1zvfdbdfq9rf8ck1hpx33es8y5va82d15wk11h1ec4qzaemrtpd2dbhkgpdqcvjqq4sck59m8bqehj98vxqke4g4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: DD2F0304A6AB7BF7AB2FB6040DDED851
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=af13e495a88df0eea36838b00d59c3bf%2F17593796819662339678&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810494&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k3hy1bg3yrjrf59v3n8kz5d710z9pnqtfe1dfgnaspy0bekczmc1wfem53gs24x3e4csgk0y3n2hsq2bywbrf1y5bmaxas0bvdegtc8k4bmswcx1xsz8gxwhz0rr9dtsyc1gznys9vcwy932h5t8b71tmsxj0kv1e17wt27nbzcegqnnz9g8ee9spjyeyvw29bfmzp5cxemh9x864k4xjapq5kd3vz3s50gevctm2xvq60fh8x9nq1ww78d1bnat9r8ntzjcc4xr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: 578CDC504A88D0381077ED0AA10D34E3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=161178%2C37798%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=663fe86585a1b99aa877f767806f4e2a%2F11435454982926394521&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810508&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h7mnxe3gt4bt6ze26zww85apdtz01a3tnbavfyevaynywjrdpb6r1e4vdktgdxd52fennhrzz1wrang0jnpr48t3bwtepeh3mj1zc4zhpkrs5qk3gpjdq1skzc001ka4rby3wejyga5hwsgkw5aa3jvz6e0xd8n27dqcd0jzdmbqq9bhvkjgn8594d1p7q7vad5hs41ar2f1ba4mb1x5m99gn31bf5f9hc338y0tccak0380nj7rzr1vcaavnfpc2970dd0tvnzy%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Frame ID: B117DDE05996567A6ED6B9C9F4C75F27
Requests: 1 HTTP requests in this frame

Frame: https://www.autohaus-koenig.de/htlp/?coyotetrackingid=386115884
Frame ID: 7C811932862D8FADE3984F968D93AE51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Its Showtime September 16 2021 Today HD Episode - Pinoy Teleserye

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1307
Requests

97 %
HTTPS

0 %
IPv6

82
Domains

114
Subdomains

57
IPs

4
Countries

21241 kB
Transfer

45978 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 47
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 49
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 51
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 53
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 55
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 57
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 59
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 61
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 63
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 67
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1 HTTP 301
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Request Chain 805
  • https://fksnk.com/cs/google?google_gid=CAESEAXNy8YM_WZCwUy1wNWC5XY&google_cver=1&google_push=AYg5qPKgMv0B-CtZKMcL7wEkgHPSXN5GZwz4ya6lM9zgZHoeSXzNnVvJbHEDVgOQu_i7p9Wact8MLUjd9MSQoiJ_ormQm0Y6Zf70iw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
Request Chain 807
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7g2GGIKbPQpyXkZOGntS4&google_cver=1&google_push=AYg5qPJ3R1prYEJ6iLlOpnOyI22MTBfvaVX6hRO2TEdpeRgg9oSYifks_oIJocWOyvkgyH1oxKTJZwQIUKZNeJaO6hCNoRo5686X6Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdBTzAtVS1GUFRG&google_push=AYg5qPJ3R1prYEJ6iLlOpnOyI22MTBfvaVX6hRO2TEdpeRgg9oSYifks_oIJocWOyvkgyH1oxKTJZwQIUKZNeJaO6hCNoRo5686X6Q
Request Chain 808
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEK1Nq1DxqjKz3b3JjNZFvBo&google_cver=1&google_push=AYg5qPKJJqr_1F6IwSA4gM5Iv4bWi7_2Bx095XNIbZidLohHKzSkLM9a8Ktm8KdLqZrCzwuYl2n45d7ckDK-5n-EhVPETB4XgByNXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=UjVXaTE3R2RJdmw3&google_ula=2046794&google_push=AYg5qPKJJqr_1F6IwSA4gM5Iv4bWi7_2Bx095XNIbZidLohHKzSkLM9a8Ktm8KdLqZrCzwuYl2n45d7ckDK-5n-EhVPETB4XgByNXg
Request Chain 810
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKE0YotPDqoy_b5nplnnndA&google_cver=1&google_push=AYg5qPKjyMkmGOsQ0eB8H86jb37H60nl2mUg0HabWT6DDvuP3yk3KCw4cgwoTFOkQS7_r8MHLC-qu1Xwx7AZBlHQhSzpLnfG14HG6Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKjyMkmGOsQ0eB8H86jb37H60nl2mUg0HabWT6DDvuP3yk3KCw4cgwoTFOkQS7_r8MHLC-qu1Xwx7AZBlHQhSzpLnfG14HG6Q
Request Chain 811
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPKGmJ0TiNijFvwtHShTl0qps6PDmecamS1Ru4HezxUUiPdOkK9Y-0qYhs_tsc_xWN5balg1J-e9KdjnsU1BEHUT6kmDW0JZyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKGmJ0TiNijFvwtHShTl0qps6PDmecamS1Ru4HezxUUiPdOkK9Y-0qYhs_tsc_xWN5balg1J-e9KdjnsU1BEHUT6kmDW0JZyw&gdpr=&gdpr_consent=
Request Chain 813
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKhfKQ6oRdfnCBMCuWY7QqM&google_cver=1&google_push=AYg5qPLls3iZxyoVfNsjN2yWeAc6sLqJ2BNi0d-hvEQGrC3M3FKpblqMsdr3FH0vJ5UkmpDaSXIjcwJkSPhXk1HQkt8ZTfsX0WqZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLls3iZxyoVfNsjN2yWeAc6sLqJ2BNi0d-hvEQGrC3M3FKpblqMsdr3FH0vJ5UkmpDaSXIjcwJkSPhXk1HQkt8ZTfsX0WqZ
Request Chain 814
  • https://um.simpli.fi/gp_match?google_gid=CAESEOEqbj8QP4YJk_ev17_L9h4&google_cver=1&google_push=AYg5qPJERL3HO9QAt4xAUG-dDgBGVosOTh_iwEm9oQE88-rQ_0vcWzH73pd3SUwtiR3L7SoGJccmpargQbrc9eUrC-TDOHBqOdM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4BBC99F38D2A46BF9B24531513E07064&google_push=AYg5qPJERL3HO9QAt4xAUG-dDgBGVosOTh_iwEm9oQE88-rQ_0vcWzH73pd3SUwtiR3L7SoGJccmpargQbrc9eUrC-TDOHBqOdM
Request Chain 815
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGNTg8Zk214pK5XCX5Z5jhU&google_cver=1&google_push=AYg5qPLJo1cuogQMADunaE3reFBXZvt-1q_fekrsu0broQojedzIdKpWF-Mv-voazmIGY6vq7EWybYMc6Q_V6EaaUsJDCyFdIU8G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzI2Mjg0MTc3MTk4MDkzOQ%3D%3D&google_push=AYg5qPLJo1cuogQMADunaE3reFBXZvt-1q_fekrsu0broQojedzIdKpWF-Mv-voazmIGY6vq7EWybYMc6Q_V6EaaUsJDCyFdIU8G
Request Chain 816
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPJ2BgZ3BCQmtkKKGDhuielMqyAiqvR-EQK1teDQ9ODYb-SrSjfp64l6SlBgX2aKNxdGWlD6c1z-6Yt9KREY-qfVS6EUrtGX HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPJ2BgZ3BCQmtkKKGDhuielMqyAiqvR-EQK1teDQ9ODYb-SrSjfp64l6SlBgX2aKNxdGWlD6c1z-6Yt9KREY-qfVS6EUrtGX
Request Chain 817
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPJu1e2SqQ4FL4ZTN8ZtnG2ZIPD6NySP2HB98IXPAeigRcPZ34b6EXQIlpt1Q9LcX_n9eihKj3TOVTm2Sg3G0AmTnDd9LFnx HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPJu1e2SqQ4FL4ZTN8ZtnG2ZIPD6NySP2HB98IXPAeigRcPZ34b6EXQIlpt1Q9LcX_n9eihKj3TOVTm2Sg3G0AmTnDd9LFnx
Request Chain 819
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPJLEghW9NhpSOwKBT7l73dnp45inX6xtTls4Q_DWp1MDlcgq6pb1nQpSE7Pr0zK4h0BGylXZz2SlUhqdg5zsClYoMSnjsV7 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJLEghW9NhpSOwKBT7l73dnp45inX6xtTls4Q_DWp1MDlcgq6pb1nQpSE7Pr0zK4h0BGylXZz2SlUhqdg5zsClYoMSnjsV7&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPJLEghW9NhpSOwKBT7l73dnp45inX6xtTls4Q_DWp1MDlcgq6pb1nQpSE7Pr0zK4h0BGylXZz2SlUhqdg5zsClYoMSnjsV7
Request Chain 825
  • https://um.simpli.fi/gp_match?google_gid=CAESEOEqbj8QP4YJk_ev17_L9h4&google_cver=1&google_push=AYg5qPIKgyLWFnhRoA-KVRuJdPiDLuStB11osIHs1CjPDiVXEL2KNopoEsFAI0fdduCLuHEfnhIBf3-KTu2wUZpHKCJQ0DwW4NL0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17DE5C7B864B46579AE4222FB6BB3A3D&google_push=AYg5qPIKgyLWFnhRoA-KVRuJdPiDLuStB11osIHs1CjPDiVXEL2KNopoEsFAI0fdduCLuHEfnhIBf3-KTu2wUZpHKCJQ0DwW4NL0
Request Chain 829
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKstH5UbFVVUyKWY218GfPlzDtHuIMVt2yu0xKlEwjF7mUqsk-zJ5mT2oUV-m8RreOpHyaWyhDxK-gd_0rXmDM_njxVfR_sZQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKstH5UbFVVUyKWY218GfPlzDtHuIMVt2yu0xKlEwjF7mUqsk-zJ5mT2oUV-m8RreOpHyaWyhDxK-gd_0rXmDM_njxVfR_sZQ
Request Chain 831
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGSDuE06tgkOg71rqq2hkDY&google_cver=1&google_push=AYg5qPJsYo6Qf00uxdKx-Drhc7uyj6AXQuOFgv2xueXxp_8ndV95XdcsTXgVUrdX3ra74rQRpY7U7wElMVG6BsPSCTGuXrdp6wqF4A HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGSDuE06tgkOg71rqq2hkDY&google_cver=1&google_push=AYg5qPJsYo6Qf00uxdKx-Drhc7uyj6AXQuOFgv2xueXxp_8ndV95XdcsTXgVUrdX3ra74rQRpY7U7wElMVG6BsPSCTGuXrdp6wqF4A&rdf=1
Request Chain 850
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYGIwm2tEkgvKLbi7CQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYGIwm2tEkgvKLbi7CQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYGIwm2tEkgvKLbi7CQ&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Request Chain 851
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPL0jlCFgLZ0hJIB7ZzA31TLdg-br-gp6VXmquqeew-xIMXwQmOkaNZqtuRcjsIr3rd-jeFA_rWdJABHBhrdAhxAuFWtTfLrZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MTA2Mjg5NTQ5Mzc3NjE3NA&google_push=AYg5qPL0jlCFgLZ0hJIB7ZzA31TLdg-br-gp6VXmquqeew-xIMXwQmOkaNZqtuRcjsIr3rd-jeFA_rWdJABHBhrdAhxAuFWtTfLrZg
Request Chain 852
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9FP5PqfcTu6RDWe9f6jrGssH7e7THoP0T-eZai3IXH3NNE-wdApzuJUYj3y5_LVbMQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9FP5PqfcTu6RDWe9f6jrGssH7e7THoP0T-eZai3IXH3NNE-wdApzuJUYj3y5_LVbMQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXekWCieGtnP6ifADr2TcgAABHcAAAAB&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9FP5PqfcTu6RDWe9f6jrGssH7e7THoP0T-eZai3IXH3NNE-wdApzuJUYj3y5_LVbMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXekWCieGtnP6ifADr2TcgAABHcAAAAB&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9FP5PqfcTu6RDWe9f6jrGssH7e7THoP0T-eZai3IXH3NNE-wdApzuJUYj3y5_LVbMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXekWCieGtnP6ifADr2TcgAABHcAAAAB&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9FP5PqfcTu6RDWe9f6jrGssH7e7THoP0T-eZai3IXH3NNE-wdApzuJUYj3y5_LVbMQ
Request Chain 856
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPJpqmo-T0ZcxWiJK60lnaSE6X7e_pZIEiIvbB8U6N5-1Qtp6UB0N3HIUG4I5w1UY5ucajxrZF1CmcxmcTFtSMgOHWRvA0k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_push=AYg5qPJpqmo-T0ZcxWiJK60lnaSE6X7e_pZIEiIvbB8U6N5-1Qtp6UB0N3HIUG4I5w1UY5ucajxrZF1CmcxmcTFtSMgOHWRvA0k
Request Chain 858
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELiZEGIdlx_7f-I-Vq1bOJ4&google_cver=1&google_push=AYg5qPJUNUpg2W5WND3UoIT5X2SJ8yQNnm8Gi7HPbF39dxkUjnZvRE3uWRiihFhZFtr2CIJKQawQkWTzlnDAfxvzs17NKjhEfA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJUNUpg2W5WND3UoIT5X2SJ8yQNnm8Gi7HPbF39dxkUjnZvRE3uWRiihFhZFtr2CIJKQawQkWTzlnDAfxvzs17NKjhEfA&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
Request Chain 859
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPJcZmHkAG4tDwZfhriXRE0hqvzO9yhOdZXUdBmsjEJZUNFMelQVwaPI95Pmjxx5nezyh1Op7wIO--QBi2_6eXWPwboeex0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJcZmHkAG4tDwZfhriXRE0hqvzO9yhOdZXUdBmsjEJZUNFMelQVwaPI95Pmjxx5nezyh1Op7wIO--QBi2_6eXWPwboeex0
Request Chain 860
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPIrKblLuSrTkcVC5LOmBdXqJ5dueMtUQtPPXl_TerMLPDIcpcr5q2NDpz4Kf4FMW44NFsVuPyBtiy4XY8xIIVI5AcoxuQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1MzQ0Mzc2MDg2MjAxMjI3OA&google_push=AYg5qPIrKblLuSrTkcVC5LOmBdXqJ5dueMtUQtPPXl_TerMLPDIcpcr5q2NDpz4Kf4FMW44NFsVuPyBtiy4XY8xIIVI5AcoxuQw
Request Chain 861
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_cver=1&google_push=AYg5qPJewVEtad6I0-143t41woO9M8h8xMbVwRxa_JeaIns4TnfrzqaBajhHYzNrvIRCIImkr90j3ll3Q2vgwDnhxg-59a4wMw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_push=AYg5qPJewVEtad6I0-143t41woO9M8h8xMbVwRxa_JeaIns4TnfrzqaBajhHYzNrvIRCIImkr90j3ll3Q2vgwDnhxg-59a4wMw&s=2
Request Chain 862
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPIt9adKVOrN2B4540sSjH2uKs5laABg-QiE1brPWJ5WwLrsmDRFefDtiDLTbJ1vfYYzFSmWDbUccGkFVTDOYsq4kLVYFpE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIt9adKVOrN2B4540sSjH2uKs5laABg-QiE1brPWJ5WwLrsmDRFefDtiDLTbJ1vfYYzFSmWDbUccGkFVTDOYsq4kLVYFpE&gdpr=&gdpr_consent=
Request Chain 865
  • https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f693ff9c&adxPrice=YXekVwAGTfwKd7QDAAg7HlHSd4zBZ3J0v3sbLA&sync=adx&target=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca-pub-3282547114800347%26adurl%3D HTTP 302
  • https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f693ff9c&adxPrice=YXekVwAGTfwKd7QDAAg7HlHSd4zBZ3J0v3sbLA&sync=adx&target=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca-pub-3282547114800347%26adurl%3D&checkcookies=true
Request Chain 892
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAkOKuOR3K6tNpRJJ7V33yg&google_cver=1&google_push=AYg5qPLkrtB8frq5Di0TipK14f7nXeW-x-7Jd_-WXJdefyuro5M8OVLaAVZiu_XzDlxAvreg2woDVJnLJaO-QDfqyKa9TIo_Rg-Qvg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2lwVZhISqKBQ7mvRMIVMg2&google_push=AYg5qPLkrtB8frq5Di0TipK14f7nXeW-x-7Jd_-WXJdefyuro5M8OVLaAVZiu_XzDlxAvreg2woDVJnLJaO-QDfqyKa9TIo_Rg-Qvg
Request Chain 893
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEMrX5n7ZyXDEVy7z6rZYg&google_cver=1&google_push=AYg5qPJmW3Cfh2Pb47vvC4B0SP5m8xdF0Fd8o9KU3P4gGiY9_oPos9IxuyB9S4FC5EhGEHHHizrkHe9p09zkwBBDC5T4Q2oOMc1Vnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJmW3Cfh2Pb47vvC4B0SP5m8xdF0Fd8o9KU3P4gGiY9_oPos9IxuyB9S4FC5EhGEHHHizrkHe9p09zkwBBDC5T4Q2oOMc1Vnw&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
Request Chain 894
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPL68budzDjznQ7MIY3TsSJdYTwA52AQdAcZGS3-Hdk35IiHgutcw6Uk5Hrc5Ap5gldde2FynyjBKI-2WSiIKuf03N9IkvWD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL68budzDjznQ7MIY3TsSJdYTwA52AQdAcZGS3-Hdk35IiHgutcw6Uk5Hrc5Ap5gldde2FynyjBKI-2WSiIKuf03N9IkvWD&google_hm=QXVIYXNLeWlUeDR3R19QZzAxSXhxeGc=
Request Chain 896
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEPe_uP3BEH3eKSn9P3DFk38&google_cver=1&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA
Request Chain 898
  • https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEG0vBDR4lGTixmo8MAvRtQc&google_cver=1&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaTrloS7hRzo-0QHc HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaTrloS7hRzo-0QHc&exu=CAESEG0vBDR4lGTixmo8MAvRtQc HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=40c407a6-02d6-4fb7-885d-9368f0fcea3c&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D40c407a6-02d6-4fb7-885d-9368f0fcea3c%26google_push%3DAYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaTrloS7hRzo-0QHc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=40c407a6-02d6-4fb7-885d-9368f0fcea3c&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaTrloS7hRzo-0QHc
Request Chain 900
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJtMei8Ek6WhrpiwwuYLpgK8gzJYRNiNPJFlBd0oNS0kGKbh0qANdWQpKBzD-u5C0GHfCQiMxreRgin-di1a5WbOxTMYBio HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJtMei8Ek6WhrpiwwuYLpgK8gzJYRNiNPJFlBd0oNS0kGKbh0qANdWQpKBzD-u5C0GHfCQiMxreRgin-di1a5WbOxTMYBio HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJtMei8Ek6WhrpiwwuYLpgK8gzJYRNiNPJFlBd0oNS0kGKbh0qANdWQpKBzD-u5C0GHfCQiMxreRgin-di1a5WbOxTMYBio
Request Chain 901
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKhfKQ6oRdfnCBMCuWY7QqM&google_cver=1&google_push=AYg5qPKioXp5jwEEXRdKyVpCCko-_Y-dDNOmhKtvlpYf2x0n6qs6XG7H2lWPggod5bTUk2C71BvK7WdV079CLoRCiHJhgNZxL_fv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L6Rhd6RXQwC91ELUV_tyvA&google_push=AYg5qPKioXp5jwEEXRdKyVpCCko-_Y-dDNOmhKtvlpYf2x0n6qs6XG7H2lWPggod5bTUk2C71BvK7WdV079CLoRCiHJhgNZxL_fv
Request Chain 902
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGNTg8Zk214pK5XCX5Z5jhU&google_cver=1&google_push=AYg5qPI_hJtlfCjocm2ycuYjCpCpLHpLo3FEOYxWycKVFJTdaXoLMtHiQWZ2PG1bsWwbhbeWbZLObwO0D_pZWhimxd4Qe99_0ce_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzI2Mjg0MTc3MTk4MDkzOQ%3D%3D&google_push=AYg5qPI_hJtlfCjocm2ycuYjCpCpLHpLo3FEOYxWycKVFJTdaXoLMtHiQWZ2PG1bsWwbhbeWbZLObwO0D_pZWhimxd4Qe99_0ce_
Request Chain 904
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKgHrq6R5LT4cUsThnDE4gE&google_cver=1&google_push=AYg5qPL4H12NMT65aRZVFuk12fhMHlcXvN-xMEUQOPbU5becIqx1mmbuuWWmaNLZo2qoHnBw1ZJDG-uLEGQI2klSEpVq4SILDeA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPL4H12NMT65aRZVFuk12fhMHlcXvN-xMEUQOPbU5becIqx1mmbuuWWmaNLZo2qoHnBw1ZJDG-uLEGQI2klSEpVq4SILDeA
Request Chain 906
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMJq9upkybf00gaAWM7QgVI&google_cver=1&google_push=AYg5qPLsFYzp9bZ8RwSmGYVIs_AeS-vDBDHBNoGydkuxeJ6uYunwu1tRTUpZIavYeta-vFJROFFfBgoVBzkGLjV-hntso4bBJkbV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLsFYzp9bZ8RwSmGYVIs_AeS-vDBDHBNoGydkuxeJ6uYunwu1tRTUpZIavYeta-vFJROFFfBgoVBzkGLjV-hntso4bBJkbV&google_hm=Mjg5NTI0NzE5MDQwMDEwMjYwOQ==
Request Chain 908
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAkOKuOR3K6tNpRJJ7V33yg&google_cver=1&google_push=AYg5qPIadxOP_yMTq758SIM1Rr2P50mWCp5ueZJqGMYqZ_3eA0JxqcDyWYpgsh3Smjjur5edbX7bht3wHFbKOX7hWxsqvIkvfU4T HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPIadxOP_yMTq758SIM1Rr2P50mWCp5ueZJqGMYqZ_3eA0JxqcDyWYpgsh3Smjjur5edbX7bht3wHFbKOX7hWxsqvIkvfU4T
Request Chain 909
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfioAl6jugZU_BaFl_yfz HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfioAl6jugZU_BaFl_yfz&prevuid=&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfioAl6jugZU_BaFl_yfz&google_hm=
Request Chain 910
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPKVBQ6-NKHB2xCFIVK-KW06OOmLZuFXHaHaHF_6cD8jDoZEoyyUGNfcbYoGdF5qR9vz0lcaXkYwYkYDONJ9ltiqcfQ1tB6wNQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKVBQ6-NKHB2xCFIVK-KW06OOmLZuFXHaHaHF_6cD8jDoZEoyyUGNfcbYoGdF5qR9vz0lcaXkYwYkYDONJ9ltiqcfQ1tB6wNQ&google_hm=QURCaDhjdEltYnUtWncyTE5CSTFoR3c=
Request Chain 911
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKE0YotPDqoy_b5nplnnndA&google_cver=1&google_push=AYg5qPKa0f8t8R01nHKDv9BBdZRdqIjn9GFe652cle5Vt7sz-YLgkEyN3nn_ZsU1CjrVNerZe6cv_lNOmFggY78-khLcONKBBNUvcA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKa0f8t8R01nHKDv9BBdZRdqIjn9GFe652cle5Vt7sz-YLgkEyN3nn_ZsU1CjrVNerZe6cv_lNOmFggY78-khLcONKBBNUvcA
Request Chain 912
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM66GmbMBeclqdJv5aVPfb96Ky2oF2vNgP_LlTGR8TMHn8F1k HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM66GmbMBeclqdJv5aVPfb96Ky2oF2vNgP_LlTGR8TMHn8F1k&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM66GmbMBeclqdJv5aVPfb96Ky2oF2vNgP_LlTGR8TMHn8F1k&apid=UP7e0b15d2-3628-11ec-92f1-06c633d59412 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM66GmbMBeclqdJv5aVPfb96Ky2oF2vNgP_LlTGR8TMHn8F1k
Request Chain 913
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMLGW_0MN4VBTVnKkphQUNU&google_cver=1&google_push=AYg5qPK9X9VwtxjenOpbCIXyCnoBDIuPFqxi7cvcitB9l2LxFHTpQOUpBRHttuZU3GhlaYYPYgC6IHQSrYTEGFi7tN0qvQpgb7QdzKc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPK9X9VwtxjenOpbCIXyCnoBDIuPFqxi7cvcitB9l2LxFHTpQOUpBRHttuZU3GhlaYYPYgC6IHQSrYTEGFi7tN0qvQpgb7QdzKc
Request Chain 914
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEI7BYT8ZsyUKrG7FJ7UFZ5w&google_cver=1&google_push=AYg5qPKWrbfFrFWEsiZhb0P3bBbSoHqhIWtstEJheLiOojheQv2zZvE_UTz9fQC3oGjx58ThYkr5NjAMZLZqDfdlUUvqwvy0oTmqM58 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGJlMDMyNWYtOGY3MC00ZDMyLWIwMWItZDg5YjI4OTllNmRk&google_push=AYg5qPKWrbfFrFWEsiZhb0P3bBbSoHqhIWtstEJheLiOojheQv2zZvE_UTz9fQC3oGjx58ThYkr5NjAMZLZqDfdlUUvqwvy0oTmqM58
Request Chain 953
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE05YFd2tdevRZn3jJDUfgg&google_cver=1&google_push=AYg5qPJtEtj5PNJCqWuR7JIuyCNai8A3gVcTO9zVrraHdCxB85qpwrfkH4FwURDzBRZ2q5B95oP5jhbTyQen3mTaC-ZOQQ-KCUFP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJtEtj5PNJCqWuR7JIuyCNai8A3gVcTO9zVrraHdCxB85qpwrfkH4FwURDzBRZ2q5B95oP5jhbTyQen3mTaC-ZOQQ-KCUFP&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
Request Chain 954
  • https://fksnk.com/cs/google?google_gid=CAESEAXNy8YM_WZCwUy1wNWC5XY&google_cver=1&google_push=AYg5qPLYRAAfxbmdeP7MAeeuIJgagH1YxO_CO-hW4Sef9uEgo7aN9jbPsXgAaYL-gcQZFXO7M3pLCN7IgeXuDfENBLGCouti4ZlP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
Request Chain 955
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELJsxJGzPCZsQAT2_U6bzGQ&google_cver=1&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0KaEeRPa3I_fFI HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELJsxJGzPCZsQAT2_U6bzGQ&google_cver=1&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0KaEeRPa3I_fFI&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0KaEeRPa3I_fFI&google_hm=cf745295171a9a0440edb135
Request Chain 956
  • https://match.360yield.com/match/ebda?google_gid=CAESEM69U3a1AallweLTK-DWo1g&google_cver=1&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99XE2MzWw HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM69U3a1AallweLTK-DWo1g&google_cver=1&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99XE2MzWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99XE2MzWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99XE2MzWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99XE2MzWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99XE2MzWw
Request Chain 957
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPISQ8ZiDyhQTVn4Pn89VTRakr1UAYvoBSIMh-w1dAr6DPgP7N_wwUX70fYni3n4JtSb3LLLHK7zH23DYokG6qmWqZ35FS6X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPISQ8ZiDyhQTVn4Pn89VTRakr1UAYvoBSIMh-w1dAr6DPgP7N_wwUX70fYni3n4JtSb3LLLHK7zH23DYokG6qmWqZ35FS6X
Request Chain 996
  • https://um.simpli.fi/gp_match?google_gid=CAESEOEqbj8QP4YJk_ev17_L9h4&google_cver=1&google_push=AYg5qPJbS8DuwOKO_bpW3FWF0AiM4LT65VkhbH4teb0td5-5h-HvUsl6v2VflocxZa6xssRlRl9MNPSUVHVkiod9PDgIXAD8Ink HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17DE5C7B864B46579AE4222FB6BB3A3D&google_push=AYg5qPJbS8DuwOKO_bpW3FWF0AiM4LT65VkhbH4teb0td5-5h-HvUsl6v2VflocxZa6xssRlRl9MNPSUVHVkiod9PDgIXAD8Ink
Request Chain 997
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELiZEGIdlx_7f-I-Vq1bOJ4&google_cver=1&google_push=AYg5qPKjGVabbeaVSBzxVFX2F-ztBGKkvqh6FNLqM42jxpSEjflwOVGuObERD0Ssv-dZLmpltkh-mcF7_HG2u46CPb49Sh1eqE0 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKjGVabbeaVSBzxVFX2F-ztBGKkvqh6FNLqM42jxpSEjflwOVGuObERD0Ssv-dZLmpltkh-mcF7_HG2u46CPb49Sh1eqE0&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
Request Chain 998
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEN7FCimv0IDyJ2WZkCAmimw&google_cver=1&google_push=AYg5qPJTDmyrQWYtRbVoy7WuatL02OmJQJe9x-qePpLjj5UIi18DQPZC__k25laI6AapYwxUTQ0-GTuhJ98Eptv0nBAAnv08QQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-lyPULOr66H5WTfz9pP_nA&google_push=AYg5qPJTDmyrQWYtRbVoy7WuatL02OmJQJe9x-qePpLjj5UIi18DQPZC__k25laI6AapYwxUTQ0-GTuhJ98Eptv0nBAAnv08QQ
Request Chain 999
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPKcqMVrhYtW8useA9HOOAt2azgtJDuj8Jwin-4veH7krTHpY7JU49LkSmCk9fHFOjVFajm5TX-dH7USl-FbdzRhOLzM0FY HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=da5b4089-2795-4384-b054-74e250c74418 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=da5b4089-2795-4384-b054-74e250c74418 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f76375ad-0db0-46df-8354-cb0aeb5713dd&user_group=1&ssp=google&bsw_param=da5b4089-2795-4384-b054-74e250c74418 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKcqMVrhYtW8useA9HOOAt2azgtJDuj8Jwin-4veH7krTHpY7JU49LkSmCk9fHFOjVFajm5TX-dH7USl-FbdzRhOLzM0FY&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Request Chain 1001
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPLY_TsjGh_m2CVYE1JwkWNIdr0nO9lvEVYPe92xEd5Q9HRxncMNlYi7luBc1joYsQ1hwM4Sv2RVE7uRXTvYV34IACg5T7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLY_TsjGh_m2CVYE1JwkWNIdr0nO9lvEVYPe92xEd5Q9HRxncMNlYi7luBc1joYsQ1hwM4Sv2RVE7uRXTvYV34IACg5T7w&gdpr=&gdpr_consent=
Request Chain 1027
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHhwrQIjPANHdjqc_iPd7V4&google_cver=1&google_push=AYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhwrQIjPANHdjqc_iPd7V4&google_cver=1&google_push=AYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 1028
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPJB4ZHC9RCJixgh3avrWF4eA2306UpVN6Kn6QBqKLOFf06Q903Z1ccUj9skQ8RijzaETvhvAoLhgbJh9058jvQpcQXwaLM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPJB4ZHC9RCJixgh3avrWF4eA2306UpVN6Kn6QBqKLOFf06Q903Z1ccUj9skQ8RijzaETvhvAoLhgbJh9058jvQpcQXwaLM
Request Chain 1030
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKavu1dMPP75KTLzv0fqTXDNRYKDhqtYPZMdobLF_YoUpyWCYNRGHNGjbHtXqHi4Yaw1hOCtCtneXd6t13LnZthI7Be5l6P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKavu1dMPP75KTLzv0fqTXDNRYKDhqtYPZMdobLF_YoUpyWCYNRGHNGjbHtXqHi4Yaw1hOCtCtneXd6t13LnZthI7Be5l6P
Request Chain 1032
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEgZ0QEfUM0_kixpw87EK5E&google_cver=1&google_push=AYg5qPL3JJZiVOP55gCpT2g0mfax24NkgzT1OLzrQLX48Kfk_ghtbKO-BmBOTafh2g27hA_s7d46UcdMW4LRn_rLjiWsRdx5tPXk HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c0716310-07e7-411b-9fed-5b30fdf41a48-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPL3JJZiVOP55gCpT2g0mfax24NkgzT1OLzrQLX48Kfk_ghtbKO-BmBOTafh2g27hA_s7d46UcdMW4LRn_rLjiWsRdx5tPXk%26google_hm%3DA8BxYxAH50Ebn-1bMP30Gkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL3JJZiVOP55gCpT2g0mfax24NkgzT1OLzrQLX48Kfk_ghtbKO-BmBOTafh2g27hA_s7d46UcdMW4LRn_rLjiWsRdx5tPXk&google_hm=A8BxYxAH50Ebn-1bMP30Gkg
Request Chain 1058
  • https://g.rtbrain.app/rtimp?sid=7e0eb148-3628-11ec-9a5d-4aafd4d64344&d=sorrelma.com&cr=dts_gen2__23&gid=CAESEOrRm-oHGPl89DFpZVLHP6c&a=imp&p=YXekWAACxQUK4DDSAAnvnOTMk66QqosQHNQOZQ&im=1Bzxg-6qmX2rMVH_dQ1g8GTz2PxCvQ7Ygkc6qr9nECbi6YVtMv2R0NpjaAN7lmF3iJy-hR5IGj8PP9S2p9kfw_sr9JZy9Uepm3Ze7w_73jpFAzbAew0K-AIdOjSRQZVz5JqUKMu5sJAwqhfZbGj9xyHqCrEL7YmTAVOujWJAAmlDPGepXI5pK1RAOZyoSaPs6HnH8X4q5qpaX0y5R6LAGZGHjXLN2_KytVS2XVhiPHiOKjTW0-FejaVGXvY8-cackxuU4qp0D61-4wsM3-4Ydg HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=rtbrain_app&google_cm=&google_tc=&id=7ea70178-3628-11ec-83b4-0e58779fcebf&source=RTBRAIN&google_hm=fqcBeDYoEeyDtA5Yd5_Ovw== HTTP 302
  • https://g.rtbrain.app/rtpixel?id=7ea70178-3628-11ec-83b4-0e58779fcebf&source=RTBRAIN&google_gid=CAESEOrRm-oHGPl89DFpZVLHP6c&google_cver=1
Request Chain 1096
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPI_cK7fIE4XkpQ4CVn19RirjhCozwXC-JA0tgGpq-v6Mv1MxyULwJQ-6FJOITb2mCv_R9y-wRnE_aZfwnTfEn790Bx7jCM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPI_cK7fIE4XkpQ4CVn19RirjhCozwXC-JA0tgGpq-v6Mv1MxyULwJQ-6FJOITb2mCv_R9y-wRnE_aZfwnTfEn790Bx7jCM
Request Chain 1097
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE05YFd2tdevRZn3jJDUfgg&google_cver=1&google_push=AYg5qPLmim7N9uz3ufkGYNg-GHe5H6WCFNy_2INTlePF5EMTSqF0YM8iaEmxGAERp1Gm4fRORlfOfvtJWQUJ9zeMapQWLdtUXBU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLmim7N9uz3ufkGYNg-GHe5H6WCFNy_2INTlePF5EMTSqF0YM8iaEmxGAERp1Gm4fRORlfOfvtJWQUJ9zeMapQWLdtUXBU&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
Request Chain 1098
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELiZEGIdlx_7f-I-Vq1bOJ4&google_cver=1&google_push=AYg5qPI_7J1u79YLvcITlImGWebefllsTxYQ0wAGRO8vKBhxYnuCY_ISCJR4hhQBKxEgbCCCdiJYlkfdPW5OmFPH9GirXFYUxQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI_7J1u79YLvcITlImGWebefllsTxYQ0wAGRO8vKBhxYnuCY_ISCJR4hhQBKxEgbCCCdiJYlkfdPW5OmFPH9GirXFYUxQ&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
Request Chain 1099
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEMrX5n7ZyXDEVy7z6rZYg&google_cver=1&google_push=AYg5qPL-spx6LVyJ9iJPQdvnAC6yp78hUsW_WziAhKYLjM1HNi9j4_RarUxdrCTL605Dkmt8VV2dNds2lcDVLJmAL3yTDBHBSA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-spx6LVyJ9iJPQdvnAC6yp78hUsW_WziAhKYLjM1HNi9j4_RarUxdrCTL605Dkmt8VV2dNds2lcDVLJmAL3yTDBHBSA&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
Request Chain 1100
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPK0EOO169jCYfKOg1PlY94EBm5i_FiCFHxnq2wXgCiMwLHyE4eEyIP8KO1JPdPo2SmWqJFMB4zICndpRVEEOqRJJ0515k8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK0EOO169jCYfKOg1PlY94EBm5i_FiCFHxnq2wXgCiMwLHyE4eEyIP8KO1JPdPo2SmWqJFMB4zICndpRVEEOqRJJ0515k8
Request Chain 1101
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKE0YotPDqoy_b5nplnnndA&google_cver=1&google_push=AYg5qPLp3rUXdZGLW5tvxLm301f4CMyGqCmzaL0uQFp4fEDfYFVc3GheXmMT3a22R9cxIRFkAiaV_l1c8bYdbu6duXFeCpzCuhY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLp3rUXdZGLW5tvxLm301f4CMyGqCmzaL0uQFp4fEDfYFVc3GheXmMT3a22R9cxIRFkAiaV_l1c8bYdbu6duXFeCpzCuhY
Request Chain 1105
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPIY9rjyGPquxJcabQkwJhXOtHNjqHNkDIKnCIXuVnf3gHdyByN1L6WyVA8NZsBH6UZZvv0TXev400WDnw5f4cJoxSMiRnJo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPIY9rjyGPquxJcabQkwJhXOtHNjqHNkDIKnCIXuVnf3gHdyByN1L6WyVA8NZsBH6UZZvv0TXev400WDnw5f4cJoxSMiRnJo
Request Chain 1107
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_cver=1&google_push=AYg5qPKfpaoqB1US9tk5OvGPVWErTob9TnIpNdKWye556oXVUDZBxrTLMN7v_QdWEu3hyI-JuWi1WhyKUCP-eDfKhIwklVX_5T0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKfpaoqB1US9tk5OvGPVWErTob9TnIpNdKWye556oXVUDZBxrTLMN7v_QdWEu3hyI-JuWi1WhyKUCP-eDfKhIwklVX_5T0&google_hm=b0hxYUFRdlFJbDBmdW9pRGtiZFU=
Request Chain 1108
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKgHrq6R5LT4cUsThnDE4gE&google_cver=1&google_push=AYg5qPJMeIYvYDEzmSv565ZbdXYpAHWF0fwsmCsIpACKvjr17hpArTH8GzrXn5V0PE_44rJoZXK98StQ7moyr_Ld00QIJpLYSyUR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPJMeIYvYDEzmSv565ZbdXYpAHWF0fwsmCsIpACKvjr17hpArTH8GzrXn5V0PE_44rJoZXK98StQ7moyr_Ld00QIJpLYSyUR
Request Chain 1110
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPJLBTPo9_on8g6Tx8J7n7jxTieoFBdtWOIUrAT85oO6LLKBSGMXdYHBZXLPXtnPhV9aK3MZGXYPSWf3LgYiq1ozRP6iytME HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPJLBTPo9_on8g6Tx8J7n7jxTieoFBdtWOIUrAT85oO6LLKBSGMXdYHBZXLPXtnPhV9aK3MZGXYPSWf3LgYiq1ozRP6iytME
Request Chain 1113
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-lyPULOr66H5WTfz9pP_nA& HTTP 302
  • https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
Request Chain 1120
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJWft3FHOgnkJz80py1alGXjEctRSoZqryAQfe4uzImmuu4qEEnsr4ziAkvqxIwSdn4rwTWTx3L17v0D6vt9lSuC0V1wPCJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJWft3FHOgnkJz80py1alGXjEctRSoZqryAQfe4uzImmuu4qEEnsr4ziAkvqxIwSdn4rwTWTx3L17v0D6vt9lSuC0V1wPCJ
Request Chain 1122
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2qRyYdIdVnme6vm1IbA HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2qRyYdIdVnme6vm1IbA&prevuid=&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2qRyYdIdVnme6vm1IbA&google_hm=
Request Chain 1123
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPKIiGxl9ygl8V-hZcnMR75hu1XdCVoa_oD8v_oRV1rCPwNwC3BWtv4v0tKw-0MxYfkXtCetayz8n3aqYIDvLQ4rHiBAnMPC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKIiGxl9ygl8V-hZcnMR75hu1XdCVoa_oD8v_oRV1rCPwNwC3BWtv4v0tKw-0MxYfkXtCetayz8n3aqYIDvLQ4rHiBAnMPC&google_hm=QTU2MUt0dTZzUVZtVndZQXgwTFhZZFE=
Request Chain 1126
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMLGW_0MN4VBTVnKkphQUNU&google_cver=1&google_push=AYg5qPIp1zonZ4y2YTq83r61G7yZMV0kFNbMzKdgf2dMwPnCUARRK7KSL8MOLDttpxP44xYuoGsNpzxeIH_rY839cGZX1M5i9L8h HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPIp1zonZ4y2YTq83r61G7yZMV0kFNbMzKdgf2dMwPnCUARRK7KSL8MOLDttpxP44xYuoGsNpzxeIH_rY839cGZX1M5i9L8h
Request Chain 1160
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAYq1bn9ar-62BR5452Unj4&google_cver=1&google_push=AYg5qPIX6Kcff0J-wl64KXFztqksFV2mSGkDIRMkyUqf_vM8GfSwJ2G5I-C_J9xlS1KiXEbowD74_9-Rj1n5-B_SKaeMu6cEEGV4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIX6Kcff0J-wl64KXFztqksFV2mSGkDIRMkyUqf_vM8GfSwJ2G5I-C_J9xlS1KiXEbowD74_9-Rj1n5-B_SKaeMu6cEEGV4
Request Chain 1161
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELBRZF0bNMmxLQ2BEEHCG0g&google_cver=1&google_push=AYg5qPJ9rWDuzlsfzuw_0natc73n90femC6V5AxnPtcz1MecR1S9V19lwya6jdxSBy6RV6zuB9OVCnEpM3StxbJKTdlYiDX1g8o HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESELBRZF0bNMmxLQ2BEEHCG0g&google_cver=1&google_push=AYg5qPJ9rWDuzlsfzuw_0natc73n90femC6V5AxnPtcz1MecR1S9V19lwya6jdxSBy6RV6zuB9OVCnEpM3StxbJKTdlYiDX1g8o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=S4RMJeirSjeTWn-HmbGX02F3pFk
Request Chain 1162
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAkOKuOR3K6tNpRJJ7V33yg&google_cver=1&google_push=AYg5qPKcSLAww9ZM_bbRTCAtXRZbvnr_UUvxuB8ZC3ro5WjlE8TRmRJJFmP96ls4BfYzuFqUH8BZzMTP06HI6nkT9r6jmd3310CC HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPKcSLAww9ZM_bbRTCAtXRZbvnr_UUvxuB8ZC3ro5WjlE8TRmRJJFmP96ls4BfYzuFqUH8BZzMTP06HI6nkT9r6jmd3310CC
Request Chain 1163
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESENlU70GSasHyBJvs_8QePu4&google_cver=1&google_push=AYg5qPJgM92N6jVieovsiMhSaupmHsyG05aNTDxPIHuNb80A5JusHTkuJetnn5BiwR2pY0c1ivkIVjSVUAHarXdbFZuEg2MAcMk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJgM92N6jVieovsiMhSaupmHsyG05aNTDxPIHuNb80A5JusHTkuJetnn5BiwR2pY0c1ivkIVjSVUAHarXdbFZuEg2MAcMk
Request Chain 1164
  • https://match.360yield.com/match/ebda?google_gid=CAESEM69U3a1AallweLTK-DWo1g&google_cver=1&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq
Request Chain 1165
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPLuljXFzfigCpDFd5WCKI_fsF_bhgQDjlQdk8dO-2mqMcUWCk24zOAQDTn9R-XPuFHWAbHHiryuwaG8P0ah0LdEmHU734yc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPLuljXFzfigCpDFd5WCKI_fsF_bhgQDjlQdk8dO-2mqMcUWCk24zOAQDTn9R-XPuFHWAbHHiryuwaG8P0ah0LdEmHU734yc
Request Chain 1166
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPKd9YrDemNi31NVjiOI6wSqGtfEboobxb6n6mEJ1mxp8_MNfn1guozm3MYdXpx5XMuRjDLzZcNjeM01hO77KiHUYpizrWM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKd9YrDemNi31NVjiOI6wSqGtfEboobxb6n6mEJ1mxp8_MNfn1guozm3MYdXpx5XMuRjDLzZcNjeM01hO77KiHUYpizrWM&gdpr=&gdpr_consent=
Request Chain 1168
  • https://a.c.appier.net/gcm?google_gid=CAESEMhuV-zxyf89e83YrUSi6O4&google_cver=1&google_push=AYg5qPKSq1qhJcxQKPbmi8NdgbKe8N6yiRQ9iFbASU0PrsD4rw-OSVPR3QAy_7MmDMQj5sNU0oUEdX46KHuSYj80I9zPHEVFE48Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPKSq1qhJcxQKPbmi8NdgbKe8N6yiRQ9iFbASU0PrsD4rw-OSVPR3QAy_7MmDMQj5sNU0oUEdX46KHuSYj80I9zPHEVFE48Q
Request Chain 1169
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ&google_hm=opYnSXy3k00AAikABlF8u1n-uw%3D%3D
Request Chain 1171
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPIrvZSAxEUChkj5orQV5-YW1SHOhVZ1L4UVSIc3OMRn11ccIJhLueKTpgo9m9KTzsKCsRS93-huqNNo7tiEOvKxJuOOESyY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrvZSAxEUChkj5orQV5-YW1SHOhVZ1L4UVSIc3OMRn11ccIJhLueKTpgo9m9KTzsKCsRS93-huqNNo7tiEOvKxJuOOESyY
Request Chain 1174
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPIiJo2GL4onTEsF8ZkTjrdakDX8ho30fwZxc80mZRyc-A03wpZbJnjn6TAfTxStM5uczi2Mfb9b9vW1SMFQ_J9Q8ouscjrX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIiJo2GL4onTEsF8ZkTjrdakDX8ho30fwZxc80mZRyc-A03wpZbJnjn6TAfTxStM5uczi2Mfb9b9vW1SMFQ_J9Q8ouscjrX&gdpr=&gdpr_consent=
Request Chain 1176
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENqjNHC7y5pqBVFPKXcoHts&google_cver=1&google_push=AYg5qPJ_eQIaTBfkcPlw2ntQjrAesNSX38D746HDO6WszzL0Evvz18ooDQma0DVQEJtZRzV7hFnpgJ8CsKYJYvl1-BRiNhRImAPi0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_eQIaTBfkcPlw2ntQjrAesNSX38D746HDO6WszzL0Evvz18ooDQma0DVQEJtZRzV7hFnpgJ8CsKYJYvl1-BRiNhRImAPi0A&google_hm=ixneLUyw1cTSkm6CyqYZsw
Request Chain 1177
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJgzRrktT3ldw5hSzRNzgbTFThQ74Xgtg3sA1j6ZR18GnS8ZA1-kvqJv467_8oKeSyKBoqqM2nPYVkAQPy4C8WNPUQwkAai6A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJgzRrktT3ldw5hSzRNzgbTFThQ74Xgtg3sA1j6ZR18GnS8ZA1-kvqJv467_8oKeSyKBoqqM2nPYVkAQPy4C8WNPUQwkAai6A
Request Chain 1178
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l HTTP 302
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l&bounced=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l&google_hm=opYnSXy3k00AAikABlF8u1n-uw%3D%3D
Request Chain 1179
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPKF9eB93q32UhcEcDObvlwfAf5cFw2tMELfgBhr6SJ96C8qbnORH355PC4vCG2FimBgltYMmWqZJZe7wvoLUrRcm25e5wsmYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKF9eB93q32UhcEcDObvlwfAf5cFw2tMELfgBhr6SJ96C8qbnORH355PC4vCG2FimBgltYMmWqZJZe7wvoLUrRcm25e5wsmYw&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Request Chain 1180
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPI_6MSqCmEI4s82fh9rctx8uSkvlBVCHEfOq0Aod0vp7hapnIBU4QN4Gxw3A4izAakB99bEagDF4CcX3aQ35F4t5e96taI8Zw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI_6MSqCmEI4s82fh9rctx8uSkvlBVCHEfOq0Aod0vp7hapnIBU4QN4Gxw3A4izAakB99bEagDF4CcX3aQ35F4t5e96taI8Zw
Request Chain 1181
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKInnx_BBIPZJ79LEi3WizKMIKATaaU4RLWuoDC5YFBiXb4-jkff1Lq1fqKVBTQeKXZ0py45NZ-WunQbOc2Iq4R3K92BJvcWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKInnx_BBIPZJ79LEi3WizKMIKATaaU4RLWuoDC5YFBiXb4-jkff1Lq1fqKVBTQeKXZ0py45NZ-WunQbOc2Iq4R3K92BJvcWg
Request Chain 1182
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMLGW_0MN4VBTVnKkphQUNU&google_cver=1&google_push=AYg5qPJ7oRAtC_EJV2Tj2Ip03ZmUH5_4eTpmjHqDXrkbTWX9WCgJoDdbssdjgRpxkELdBIlCRARaREq2lipcxNMJjbUv5ETKu-tK8Tc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPJ7oRAtC_EJV2Tj2Ip03ZmUH5_4eTpmjHqDXrkbTWX9WCgJoDdbssdjgRpxkELdBIlCRARaREq2lipcxNMJjbUv5ETKu-tK8Tc
Request Chain 1189
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKfxqry95_MCFcO43godwAcKOQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f183f50-3628-11ec-8a48-2265030db828
Request Chain 1208
  • https://a.c.appier.net/gcm?google_gid=CAESEMhuV-zxyf89e83YrUSi6O4&google_cver=1&google_push=AYg5qPIaPUbUgEnhfABBb-gEOYDS5HWTbKlmEGkQWjuItHCV_cPudNxLSY7il7llS69fgDJGVnQnSXtab9upgaTz75wA9Q9O7xE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPIaPUbUgEnhfABBb-gEOYDS5HWTbKlmEGkQWjuItHCV_cPudNxLSY7il7llS69fgDJGVnQnSXtab9upgaTz75wA9Q9O7xE
Request Chain 1209
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEMrX5n7ZyXDEVy7z6rZYg&google_cver=1&google_push=AYg5qPIlcI9LC-lCXjQ8CeZBbxazEVW29YgyZX75jk2wXvvyTX_2kDHvbBJ3DS79oCXt53c-YhMu_uW5ytIc4zVvApHuFL6Xzvs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlcI9LC-lCXjQ8CeZBbxazEVW29YgyZX75jk2wXvvyTX_2kDHvbBJ3DS79oCXt53c-YhMu_uW5ytIc4zVvApHuFL6Xzvs&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
Request Chain 1210
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPJpCydfgSxlDLOaDEBtQlXvBaMaxAnp-X8ji_l5SU4lCYAFRcEJI_bYT71m0RgYoSlHn1RPpfstw4W1p6LAJaBFCbtefA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJpCydfgSxlDLOaDEBtQlXvBaMaxAnp-X8ji_l5SU4lCYAFRcEJI_bYT71m0RgYoSlHn1RPpfstw4W1p6LAJaBFCbtefA&google_hm=QTdBemg1Vjk3cVlfbF92UDItbnBBUEE=
Request Chain 1211
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60 HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60&google_hm=aLDK9bghz6YCCaxBVzeURg==
Request Chain 1212
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_cver=1&google_push=AYg5qPKKH_v9Wz3EUlgS7xLSmacKsqVICllAsaUjAkAzl96uXs8mEsPAlN_aSDuxUEtmac2SfX5eDVRoN1bLJUXGTHskmUlE-ls HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKKH_v9Wz3EUlgS7xLSmacKsqVICllAsaUjAkAzl96uXs8mEsPAlN_aSDuxUEtmac2SfX5eDVRoN1bLJUXGTHskmUlE-ls&google_hm=b0hxYUFRdlFJbDBmdW9pRGtiZFU=
Request Chain 1216
  • https://fksnk.com/cs/google?google_gid=CAESEAXNy8YM_WZCwUy1wNWC5XY&google_cver=1&google_push=AYg5qPLJgakh8XDrzRGaVCDygyoXMIhTVkCXRbXZtBQ3_3oA_MUiErbC8ZXh_y8Qws2xuzJuSKEpMyG8BnnyNSQ2xiNpvF29fL63Jg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
Request Chain 1217
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8g HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8g&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8g&google_hm=aLDK9bghz6YCCaxBVzeURg==
Request Chain 1218
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKgHrq6R5LT4cUsThnDE4gE&google_cver=1&google_push=AYg5qPITSaanIgjpOXv1aqD-G-b1KFm58yInBCYwXC6F5UmRgpX9vrdPpLDUt_dYyqrvxnPkbpahMBB0oAgmJEkmM3UkBx8dVdcYvA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPITSaanIgjpOXv1aqD-G-b1KFm58yInBCYwXC6F5UmRgpX9vrdPpLDUt_dYyqrvxnPkbpahMBB0oAgmJEkmM3UkBx8dVdcYvA
Request Chain 1219
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7g2GGIKbPQpyXkZOGntS4&google_cver=1&google_push=AYg5qPJlf5SZ38esdmLMq6SyOoDCDu22NnxSvFYXy6EMC9d30RpPyRg4_R5AREv4M0Un_kKaRa7tvmEsxacPiU0YMcl_JdMCzrGK0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdDNlgtSi1CMjhP&google_push=AYg5qPJlf5SZ38esdmLMq6SyOoDCDu22NnxSvFYXy6EMC9d30RpPyRg4_R5AREv4M0Un_kKaRa7tvmEsxacPiU0YMcl_JdMCzrGK0A
Request Chain 1220
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELJsxJGzPCZsQAT2_U6bzGQ&google_cver=1&google_push=AYg5qPL2ZDb3dUmibtBYLWoPP5SOufRZf7HjpA90bhVJqvzt_HanxAaR2qMOB94-vKPZyWjoVQO_EUJmGIp8Q_BFEo2Iix-BXCAJIw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2ZDb3dUmibtBYLWoPP5SOufRZf7HjpA90bhVJqvzt_HanxAaR2qMOB94-vKPZyWjoVQO_EUJmGIp8Q_BFEo2Iix-BXCAJIw&google_hm=cf745295171a9a0440edb135
Request Chain 1221
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHNv3Iw6CucGaK9dnu_sZR7Y4OVa_td8XKd6Q8R253Cod22NnIg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHNv3Iw6CucGaK9dnu_sZR7Y4OVa_td8XKd6Q8R253Cod22NnIg&apid=UP7e0b15d2-3628-11ec-92f1-06c633d59412 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHNv3Iw6CucGaK9dnu_sZR7Y4OVa_td8XKd6Q8R253Cod22NnIg
Request Chain 1260
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJ6i1Ly95_MCFc5R4AodA1cCGw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f6d1610-3628-11ec-8a48-2265030db828
Request Chain 1277
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneid8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneid8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021102608465057693622797X117663V1225131106MSoneid8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid
Request Chain 1280
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021102608465057693622795X117679V1226132702MSoneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&spid=2021102608465057693622795X117679V1226132702MSoneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&wfid=117679
Request Chain 1293
  • https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Tdoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.autohaus-koenig.de/htlp?coyotetrackingid=386115884 HTTP 301
  • https://www.autohaus-koenig.de/htlp/?coyotetrackingid=386115884

1307 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request its-showtime-september-16-2021-today-hd-episode.html
pinoytambayansteleserye.su/ 		38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
230849fb8e0efbdb97aaa2c77269c7d873be1a8d23a2c70a46760b1174f58012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pinoytambayansteleserye.su
:scheme
https
:path
/its-showtime-september-16-2021-today-hd-episode.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://pinoytambayansteleserye.su/xmlrpc.php
link
<https://pinoytambayansteleserye.su/wp-json/>; rel="https://api.w.org/", <https://pinoytambayansteleserye.su/wp-json/wp/v2/posts/2116>; rel="alternate"; type="application/json", <https://pinoytambayansteleserye.su/?p=2116>; rel=shortlink
x-litespeed-tag
b3f_HTTP.200,b3f_PGSRP
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
style.min.css
pinoytambayansteleserye.su/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
style.css
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/ 		68 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/style.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
c9671c66e5ece29de88b9499080ccafa75f547ea2c34edb347d1d239f68b05b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
font-awesome.min.css
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
responsive.css
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/responsive.css
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
aa48dec78a0c69ebc4867e474e9e68d379ffdb8500710f6e13246453db63c864
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/css/responsive.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jquery.min.js
pinoytambayansteleserye.su/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/jquery/jquery.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jquery-migrate.min.js
pinoytambayansteleserye.su/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
css
fonts.googleapis.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Allan:normal|Armata:normal&subset=latin
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
e85af27feceea9b0d42d59458b326b55a15841af68b54b44bedda943bf658563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:46:43 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:43 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:43 GMT
reddit.png
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/ 		921 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/reddit.png
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
136f336d0c5e8c08d6c03a973b2e8d16cf7459b71a0fb60d57aa30b7f2918d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/images/reddit.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
content-type
image/png
expires
Sat, 25 Dec 2021 06:46:43 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
921
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
postviews-cache.js
pinoytambayansteleserye.su/wp-content/plugins/wp-postviews/ 		133 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/plugins/wp-postviews/postviews-cache.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
aa8ab2153beec5132d9268e321035fbee7f935ddcf90294ceb3424f7fe3e5405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/wp-postviews/postviews-cache.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Sep 2021 07:58:16 GMT
server
nginx
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
133
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
comment-reply.min.js
pinoytambayansteleserye.su/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/comment-reply.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/comment-reply.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
customscript.js
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
7f3bc7b4be6099584627703c3a0054021b3045faca29c270dde716ed62be9537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/js/customscript.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
wp-embed.min.js
pinoytambayansteleserye.su/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/wp-embed.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 11:17:50 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
wp-emoji-release.min.js
pinoytambayansteleserye.su/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 29 Aug 2021 19:45:51 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:43 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
nobg.png
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/ 		68 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/images/nobg.png
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/images/nobg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
content-type
image/png
expires
Sat, 25 Dec 2021 06:46:43 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
68
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
gokvH63_HV5jQ-ENkzR2.woff2
fonts.gstatic.com/s/armata/v12/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/armata/v12/gokvH63_HV5jQ-ENkzR2.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allan:normal|Armata:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
315124a1c80ef3c682f34e36aca57e118ce2309c5734ef0b383e9e72691991ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:02:06 GMT
x-content-type-options
nosniff
age
445477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17540
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:36:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 03:02:06 GMT
ea8XadU7WuTxEubxNdU.woff2
fonts.gstatic.com/s/allan/v13/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/allan/v13/ea8XadU7WuTxEubxNdU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Allan:normal|Armata:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
da0a763cb88419837ee68bec4fde133a4646df0b7ef8de75b953ee09f39c4f76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 10:53:10 GMT
x-content-type-options
nosniff
age
158013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21104
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:44:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Mon, 24 Oct 2022 10:53:10 GMT
fontawesome-webfont.woff2
pinoytambayansteleserye.su/wp-content/themes/mts_magxp/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/fonts/fontawesome-webfont.woff2
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/mts_magxp/fonts/fontawesome-webfont.woff2
pragma
no-cache
origin
https://pinoytambayansteleserye.su
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
pinoytambayansteleserye.su
referer
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/css/font-awesome.min.css
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Jul 2018 05:46:39 GMT
server
nginx
content-type
font/woff2
expires
Sat, 25 Dec 2021 06:46:43 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
71896
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
video.php
tvking.net/ Frame B7AB 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=bFR2enpnQnpaK3BJcDJ1dFpyV2dqdz09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
ba79d2e52b5472b20bb52b1e16d8f9177872c2da393d1b14288c1849c65fd111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=bFR2enpnQnpaK3BJcDJ1dFpyV2dqdz09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=573c16b23883eb74d313893b6f31d971; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame 5EAB 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=RWlpUG8xQW5mZzJUTG9aYS9TWWpWUT09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
14bc679d644ad69cf1510ecfb6ec3b27ef1d40c452900edbeeeb4658f761fa1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=RWlpUG8xQW5mZzJUTG9aYS9TWWpWUT09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=6152dc45bd188984491099f1fc79fda6; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame 64F6 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=U3VqU0srTlhSRk5obUNURjBaWllMUT09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
7178e1edceeb8e6ec028888acfcb8b3f8f9678911d0d0239d201992d17541fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=U3VqU0srTlhSRk5obUNURjBaWllMUT09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=9ea130be927863853c5264e79f1672d3; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame 25CE 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=eGNKcDRES3FLSzRISDVYM0FEZDVvUT09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
5a9ae4b724d5e6483a536bd17b1e73d75eb4f98cc0579e810c4f9d6c2a2c346f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=eGNKcDRES3FLSzRISDVYM0FEZDVvUT09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=9413c5afa31520ffd329d34bf0259ac0; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame C4F3 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=Tlg3T3ZkUWRFY01PUXBNWlRVNWNNUT09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
a2897118847c53328ba44d989951bd92a8af19ee5f47cc5f41d585946eb143ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=Tlg3T3ZkUWRFY01PUXBNWlRVNWNNUT09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=413c2ff1d67f5c6771c24d6737029283; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame F691 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=K2x0M2Q3aXVnR1AyRTVPdDBCL2VxUT09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
8f5b01eea41b3e6c77b9291ef782277c6a8c6fd511ddd898bb960539b9afc1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=K2x0M2Q3aXVnR1AyRTVPdDBCL2VxUT09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=5b00a28cee77a9e0a301530247f8e1cc; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame 8B23 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=QXF6WVZGMlFPWWNFeDZST1VlUXpKQT09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
eacf7ceb775728a12507eabf5e1d345412c992c8e8eea84eeb7ccdce7c192686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=QXF6WVZGMlFPWWNFeDZST1VlUXpKQT09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=0962c4dc3f48cf3c706a7bb1213f29a1; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame 6B52 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=a2FyNEFoYUJZQVRzaGZuNlpRMU5DZz09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
ec34a090e12214c0b4bab7b052961a1ba19abe7d586e9e061956539b58593af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=a2FyNEFoYUJZQVRzaGZuNlpRMU5DZz09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=bb9a8aac5782de16b4fa0d91ab56c009; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame 32BB 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=N0xnVHdiVkl5VVN0VVpCMS9HQk8wUT09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
c982ffd815bb6a9254d1b2a1c538e0c006254edb4576a34b72a7f1b33a229dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=N0xnVHdiVkl5VVN0VVpCMS9HQk8wUT09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=d6561a980eca20d966ba95e1cbb83ec1; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame 095F 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=K3RlL2IvdmIycW5sQk1IRzZwQVpYZz09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
98dd71dde731c6b493dce39a77e2e605f5dce3e84411f1f48c5cfcc97cf594c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=K3RlL2IvdmIycW5sQk1IRzZwQVpYZz09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=e1deaa657557ec8a408006c5d01fda89; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
video.php
tvking.net/ Frame AB4B 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tvking.net/video.php?id=WURPNVFzeU5QQUtsTk5yT1dQWVIwdz09
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
205ae2737b9cbdab75942d268e6b2d988f2cee77174897449814dc205b67ef31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tvking.net
:scheme
https
:path
/video.php?id=WURPNVFzeU5QQUtsTk5yT1dQWVIwdz09
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

server
nginx
date
Tue, 26 Oct 2021 06:46:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=ecbb9884b33bb76d82dca1dfbf568002; path=/
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
content-encoding
gzip
admin-ajax.php
pinoytambayansteleserye.su/wp-admin/ 		1 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pinoytambayansteleserye.su/wp-admin/admin-ajax.php?postviews_id=2116&action=postviews&_=1635230803280
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-admin/admin-ajax.php?postviews_id=2116&action=postviews&_=1635230803280
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
pinoytambayansteleserye.su
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
:method
GET
Accept
*/*
Referer
https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
no-cache, must-revalidate, max-age=0
x-server-powered-by
Engintron
x-robots-tag
noindex
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-nginx-upstream-cache-status
BYPASS
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
6f199810c89f705977342b9320f75b9bc35ee84b3bb7d1f59da15bd100d4f2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Cq1o2AHjpJhonAO/cDdbgw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
0dtGVBMYuYUdX3APrt+sBWDWBULIiSmxyOxiagrVWShVLBkCbg5kM5Wgrp0Yc4DeKN+NJikug14cmxlPJ7Ge2Q==
x-fb-trip-id
686109401
x-fb-content-md5
5f9354bb050c2d2ff2573fde3da6cffe
x-frame-options
DENY
date
Tue, 26 Oct 2021 06:46:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b6a762cef62e4d03a86eb2d91c6ced47"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Oct 2021 07:00:11 GMT
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iwVO6cIpdQSyD6NhKvn58g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"4e89e82f0eeb0512bfb2d7642aaf4840"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-iwVO6cIpdQSyD6NhKvn58g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Tue, 26 Oct 2021 06:46:43 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 06:46:43 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
327
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29104
x-tw-cdn
VZ
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (frb/6796)
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
pinit.js
assets.pinterest.com/js/ 		361 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/wp-content/themes/mts_magxp/js/customscript.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.141.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=130
accept-ranges
bytes
content-length
203
access-control-expose-headers
X-CDN
all.js
connect.facebook.net/en_US/ 		271 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=eb7a1b58af56597f0a304c15b1326500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
7ea6fac3a627c2f31b049af49f0cd8ebb384cfc5a91efa4dc3c6e1ea0af67419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pinoytambayansteleserye.su/
Origin
https://pinoytambayansteleserye.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cBbqbhc1v03nI6QiDXCP6Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78036
x-fb-rlafr
0
x-fb-debug
uXoAUKfJ1Ten/1voIfSCeuZuQZa3ylt5skiMczhWFkq7XHF0aMqiz65d341i97gdN3KvBLHUKYrtz+i+o6b9zA==
x-fb-content-md5
f3a6d67825beff18cc35f4e5b3f2a489
x-frame-options
DENY
date
Tue, 26 Oct 2021 06:46:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2e65db56c2665a49916404aa70145a7a"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 26 Oct 2022 04:05:00 GMT
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame 2098 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpinoytambayansteleserye.su
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pinoytambayansteleserye.su/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
354675
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Oct 2021 06:46:43 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6725)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
pinit_main.js
assets.pinterest.com/js/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.17131269759823264
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.141.169 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding
br
x-cdn
akamai
etag
"0c6c6fa4aaa25b5091d9f0d1fe79700b"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=261
accept-ranges
bytes
content-length
18683
access-control-expose-headers
X-CDN
count.json
widgets.pinterest.com/v1/urls/ 		140 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html&callback=PIN_1635230803451.f.callback[0]
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit_main.js?0.17131269759823264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d3705e2472c9be9870e7b28e512582e796b006cc3025bec72c94427210a0b5c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
1391015162938803
expires
Tue, 26 Oct 2021 07:01:43 GMT
settings
syndication.twitter.com/ Frame 2098 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=ee5d89ab78c73efd88eb1bc022154803da435a61
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fpinoytambayansteleserye.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-response-time
105
date
Tue, 26 Oct 2021 06:46:43 GMT
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 06:46:43 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
a5ad3ae59cc360cf375ef7136d811bc7df91f175d158e11508456740c265ced2
content-length
166
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 09:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51558
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 21 Oct 2022 09:03:17 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 03:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33943
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sat, 22 Oct 2022 03:04:32 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 59CF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
/
Resource Hash
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
1585
date
Tue, 26 Oct 2021 06:46:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
postmessageRelay
accounts.google.com/o/oauth2/ Frame 7869 		566 B
829 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.141 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f13.1e100.net
Software
ESF /
Resource Hash
f39b3d6563b376a1a313c71860bf85556fd27cdc932388f9b40a8c511ca05dfe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-61BsvK7E7gHCmV1cWHG1Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pinoytambayansteleserye.su/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-61BsvK7E7gHCmV1cWHG1Cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.0d6aa7fd095b2a9dd19cc66c7c2ed64b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 06:46:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:31:51 GMT
Server
ECS (frb/6796)
Age
377091
Etag
"e8090d17c9828f5a217bebb39dd3e689+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
jquery.min.js
tvking.net/js/ Frame C4F3 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=Tlg3T3ZkUWRFY01PUXBNWlRVNWNNUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=Tlg3T3ZkUWRFY01PUXBNWlRVNWNNUT09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame C4F3
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=Tlg3T3ZkUWRFY01PUXBNWlRVNWNNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJa%2B2Ns1FzZhPB6Or4p4PjLmC3631Tt0zUSERDEeHjYxN3iaUxJSg9tyFMvoZ6MbGqQ%2FIYQlic0uy1o5TMthnJxi7OiLYkdVebqeochpS68%2FbJ2tDmWXMZkf3u63ZOEI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaf0a8e0b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHn6fYp0sWXynRVpGwOuZOZ1RToQ2yk9S6b%2FNGlv%2Bm2Wezil4fg%2BW58W0feqoMb2YaEBs%2FnTayDUjO8TGcZvITPnCNv98qXrYhOwyXAsTY%2FFey9UcOBQTbSnSuy5tRUNNvW1MH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c2f0b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame B7AB 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=bFR2enpnQnpaK3BJcDJ1dFpyV2dqdz09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=bFR2enpnQnpaK3BJcDJ1dFpyV2dqdz09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame B7AB
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=bFR2enpnQnpaK3BJcDJ1dFpyV2dqdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfZTLSAox%2BGc1s3vFopqHS2W08ZT%2BCO5PIFumlKZMcoQL9UlJkmMnw9MoEP3LMT40biDShQYglZWFhSbhAn6CanLDO6416yXAe%2FpzAuXV%2Bs%2FOsq%2Fv%2BxhbQxYMEQ99dXK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea600b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTbwoY0eLcQv2Po54UFN56UnTMIsPIyLUhwEPCiG3Mn4rTvzcpeg7L9Rx9vl5x7ypbmvpGB8wulu0gnidYrBSa51%2B0uYLQiHgQV2inLpWSe8D2gMaHA5j4%2ByYuJvTBfaXQ7kVp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c310b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame 64F6 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=U3VqU0srTlhSRk5obUNURjBaWllMUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=U3VqU0srTlhSRk5obUNURjBaWllMUT09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 64F6
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=U3VqU0srTlhSRk5obUNURjBaWllMUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB3x8lOxxBEMGElXmGZLHpBL5RSl9F8rre5IafsUoyDMen4GISIAEhw00y66o9kILbYsgNUJcXskMQNCbuXBNUGKH%2BgCp7bQiXRTIp%2FHZSPPsK5KPb1oKoKIzRjXu9df"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaf0a8f0b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDkjinuFjvNuY7if%2BkDKKUMOBsSzE6CXm1zNBimBOW3ohmmXnFWQbCiDzvahbG3koz36pUNQgEn7Ww%2BDIhJ9%2F0VxHlNsaTbdlL1C%2B53F7V12ASqvrOO552s%2BKMDj3uxpuumtcz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c330b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame 5EAB 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=RWlpUG8xQW5mZzJUTG9aYS9TWWpWUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=RWlpUG8xQW5mZzJUTG9aYS9TWWpWUT09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 5EAB
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=RWlpUG8xQW5mZzJUTG9aYS9TWWpWUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a87UqW%2F6BX3Pd%2FSrYUrz%2BNEUa4%2BYZpode15t6zjnS2CSJ8e%2Ftd%2BxHVcS9r12QK9LWPYsWHUKO3Ii6nigTS3oQ2FK1A4vzSSBtoEUBWSrZgKe%2ByZPpi9OFUhJb8gvfwMr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaf0a8c0b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePKPixTVv2r54%2BRDYJ4NugtvFdk5HtIrnyiM5lNPTsY%2B18O%2FrZOwfAiVOWOjOoSUe3VDG9LVN4i5yqGpGTsCGVUEIZ94M6q5tEKHeSbC5CSLuwYq3Md01SmkE13i8TSMR0UUAkM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c340b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame F691 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=K2x0M2Q3aXVnR1AyRTVPdDBCL2VxUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=K2x0M2Q3aXVnR1AyRTVPdDBCL2VxUT09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame F691
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=K2x0M2Q3aXVnR1AyRTVPdDBCL2VxUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmgKUZ6sEFEM734Q5zmorGyQvHqp8rRB1OyvuWFNT7BEbxf8smhw1Z2jLT7QSJMaM4402%2Bke4wKPUf8kfl6cQi9KPrLrkR%2FweJZA2ojwMfSOjaysmUcuRNE1UF23byD5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea5b0b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOtENtNyLqt6pg3w%2FOSBZlQRZ42kpmnX1vIRFwzSm71xDW6UxAM3TXZ%2BGxbOTMG0wr3%2BeKRCygDJxS%2BZkRAWj885ELBkjCl9Wy0t2WFMNZWfmCEPgunBkGfB2ZEySZtNHSLVyQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c350b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame AB4B 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=WURPNVFzeU5QQUtsTk5yT1dQWVIwdz09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=WURPNVFzeU5QQUtsTk5yT1dQWVIwdz09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame AB4B
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=WURPNVFzeU5QQUtsTk5yT1dQWVIwdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO9z%2F1jygkvtagrSZD1i4Xw0uhbjmwY02XnS2I50Eq%2FonFeWYcEMoNuGUxu3FW8ELT6aEwEq9OAo9E3UrIGuZDpILw%2BxICyGzyOHp2QqyQwUam0wXZOCLMGjwpOZWcDF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea570b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OegCg6%2By53ccXoQe5pK%2Fz9bC%2BSH84xO5wBbCANG3tnpwm2q6BAPXS1%2BaQB37llvV4lavPoNDP7S%2FTaZATbv4Fiy5MCSqACLv0VL3r7PpWkepyyM52cSHhQHlBiPKezvYICFyMg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c370b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame 6B52 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=a2FyNEFoYUJZQVRzaGZuNlpRMU5DZz09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=a2FyNEFoYUJZQVRzaGZuNlpRMU5DZz09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 6B52
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=a2FyNEFoYUJZQVRzaGZuNlpRMU5DZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDNeXjcBaY3Oql8mFD9tKE3eHuoWa7KVv0E%2FcWcyjJaKQGFo9neWvZTaJKJ1Rmr7HfHe%2F%2Fq4t1R8r8MmleR51%2BJNZ9qxGrS7ZEVegdTsQuImv9t8XFo9itYccHgdHQhQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea630b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ren60kh7a%2F7yCpL4isejnfP2h3oHDlxGUGS%2BewuTGSMnpm14rEzDHnl9PBnTVGBXPjV6pJfFaEWD57kSqKyugPESjhAZb%2FeV9U3Pk0QfJg3bj%2BjcpY%2FCNI3MSgEtlcxAfUSX68%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae7c740b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame 25CE 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=eGNKcDRES3FLSzRISDVYM0FEZDVvUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=eGNKcDRES3FLSzRISDVYM0FEZDVvUT09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 25CE
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=eGNKcDRES3FLSzRISDVYM0FEZDVvUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAwPrhgphSejuYE%2B2g43f3lsZMpP%2Bx0QoQ0iMa9DrPhzR1PqNsdQPHHASLRpMJY%2FajzAZpYEiAJDpsbOBEw6PjDfGO1nR5fxG3Toz%2B36w4dCNi0Ti9QB236ZI4GXrYkh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea590b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySigNMb5855L8vMBjAe3ZCq%2BlnTemDcd6vP2e6nRID6LK8bA9muiipkrNABk%2Bh%2Ba7zoObnmCkvZn17F6O55rMF%2F%2BHx0RHZxnMm8T5rdszuZ1VqK%2BVqp0wpOp%2BPP1qx6aMpO7Kp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c3a0b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame 095F 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=K3RlL2IvdmIycW5sQk1IRzZwQVpYZz09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=K3RlL2IvdmIycW5sQk1IRzZwQVpYZz09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 095F
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=K3RlL2IvdmIycW5sQk1IRzZwQVpYZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RdUHIPt%2Fijf0VDJVGrxJn0HCA4YbDPs8nBUCizx5IWf1TRqltG%2FnDvF%2BcY6dLj48V9W6vhZVKDRJgP5bhVmARV67nXroYrKJziiLmCLae24A8dvSUMm854YzyPKMKqn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea620b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FS2cTzjQI76l%2FTe5MgdV%2FBPOMvc%2F6aWDHox%2FkZW2IoB5yXj4AD27X41j65GcdqfpSjtHO23Rm8cSCUCUMVk2IDJuFgGJ%2BUFfzb4p0ynsqi%2FT%2BkXqvadW8ZqTay5YZYUrSFcu%2BTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae7c780b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.min.js
tvking.net/js/ Frame 32BB 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=N0xnVHdiVkl5VVN0VVpCMS9HQk8wUT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=N0xnVHdiVkl5VVN0VVpCMS9HQk8wUT09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 32BB
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=N0xnVHdiVkl5VVN0VVpCMS9HQk8wUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckUsRj6AiQrLU4MATcSYiP0w1lSAHVbN5zhpaQTca0VWzmNXam0aZV%2FfwuGXJ5EXsYA3KNnCi3S59Pa8%2BalmfPI7VTywoYftIYBeh%2BrLL2konXJlHr5mOMYptLYg4qd5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea610b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vT6N3F3PQpBy3pB88Yr%2F3xAokn8JpVfrSZuF7XKosnVZa2QpHjUdg0GilKVtNXZ%2BI9WcOcUN0krQPdk6NZlNQCpr0lBl4x6pqtKi1x6vh0QErP17oTBnLoM3yKYwDYpOOw1LsJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae7c7a0b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
platform.twitter.com/widgets/ Frame 0D4F 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.a53eecb4584348a2ad32ec2ae21f6eae.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) /
Resource Hash
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://pinoytambayansteleserye.su/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
377091
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 26 Oct 2021 06:46:44 GMT
Etag
"89e8ce4106e3294685b0af818d97b80c+gzip"
Last-Modified
Mon, 18 Oct 2021 18:31:56 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6796)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12235
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 59CF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apis.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3170
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.min.js
tvking.net/js/ Frame 8B23 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tvking.net/js/jquery.min.js
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=QXF6WVZGMlFPWWNFeDZST1VlUXpKQT09
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.154.207.225 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-207-225.rev.poneytelecom.eu
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tvking.net/video.php?id=QXF6WVZGMlFPWWNFeDZST1VlUXpKQT09
Origin
https://tvking.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Jan 2021 19:20:35 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Thu, 25 Nov 2021 06:46:44 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jwplayer.js
asianembed.com/js/jw8.9/ Frame 8B23
Redirect Chain
  • https://embed.dramacool.so/js/jw8.9/jwplayer.js?v=8.1
  • https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
107 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=QXF6WVZGMlFPWWNFeDZST1VlUXpKQT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
415316
pragma
public
last-modified
Tue, 02 Jul 2019 04:04:39 GMT
server
cloudflare
etag
W/"5d1ad7d7-1aa99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JltexpmftJkOvRcdl5vOssLzi1KKte83mXeelW8UlANs%2F2Y9%2B19XY3dFpWkbH08QRCChvnBGRHOZRQT%2B7e7idd7FomaKUQbP%2BSqsHlbyc9G03NWlb7jMvZa0NGyaHPc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
6a41baaeea5f0b2f-AMS
expires
Sat, 20 Nov 2021 11:24:48 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAr7pxXKLxuvOfy9q4O8hEUxCwBxcCbU%2FtqSgp4jkEnTB0Q7HABWF82F%2FWHEQXDGODzwkwze3OCZ3ss%2BlKF5VqiLXPToDJZ0oBu3UhJRVdU8ILgoWbeoUlzFoi66jq6SeZf%2Btfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://asianembed.com/js/jw8.9/jwplayer.js?v=8.1
cf-ray
6a41baae6c380b84-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
2759057950-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 7869 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2759057950-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4293
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 00:07:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Sat, 22 Oct 2022 04:07:39 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 7869 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fpinoytambayansteleserye.su&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
ESF /
Resource Hash
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nHEdrzZhTNfK8phRO0avqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"998951b1d5405dad0418a425bf80cab9"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-nHEdrzZhTNfK8phRO0avqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Tue, 26 Oct 2021 06:46:44 GMT
truncated
/ Frame 0D4F 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/ Frame 7869 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.9OTyQk26M2k.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:39:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18151
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 17:21:04 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Fri, 21 Oct 2022 03:39:24 GMT
jot
syndication.twitter.com/i/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1635230804331%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f001879%3A1634581029404%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Tue, 26 Oct 2021 06:46:44 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a5ad3ae59cc360cf375ef7136d811bc7df91f175d158e11508456740c265ced2
x-transaction
6025d39f5b93abff
expires
Tue, 31 Mar 1981 05:00:00 GMT
newbottom.php
sorrelma.com/ Frame 60A8 		496 B
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=K2x0M2Q3aXVnR1AyRTVPdDBCL2VxUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
EXPIRED
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irzJD9PYVJF%2BYqvM9ACSwj8RKuwIB%2F33FxBJimu32y2%2BISJn2KbODwyY2UyvA1uNq2H9uNKrnJUy8kmTCaUGZt3SVttXi%2BDeduijmzmW%2BKlUR4zYJOFa1HE%2Bz8YQLi8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baaf8a60048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
video.g
www.blogger.com/ Frame 5D51 		819 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dyWvTOnbljcDUDvVtPVxVN9ku_DvfH5tDuBf74sOPJ9qfWD5WpUXWtKmaV2viU0ERzyLSVZ1BfVf5Dq7Fm7MMeV0xW7wd77CJ75a4NN_sEBPfW-dDSGOU5WYmS06Dt91XV4j8ZD
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dyWvTOnbljcDUDvVtPVxVN9ku_DvfH5tDuBf74sOPJ9qfWD5WpUXWtKmaV2viU0ERzyLSVZ1BfVf5Dq7Fm7MMeV0xW7wd77CJ75a4NN_sEBPfW-dDSGOU5WYmS06Dt91XV4j8ZD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
newbottom.php
sorrelma.com/ Frame 3226 		496 B
542 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=WURPNVFzeU5QQUtsTk5yT1dQWVIwdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cy8uj3Oj5iUWvacMPwU7t5jI%2FGUvu%2B%2BQbqyrmztkwIz8GGX2Pd%2F8sLSSq2oLsnOd7VDmHWlo8Wwl2aj1Omw3p%2Bt2pC78VZFs61a9Db6MAnVKpHI6Vi8RTtxihj%2BMhmk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baaf8a64048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
video.g
www.blogger.com/ Frame 4F9D 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dwbo6WmQHoWlTRjvl8xjhThARiuHjrJTFnLvW401gQGqo5l-v_mvyxalZNXxqrK1tEiCeIA7setQvHHCv6yjgIaYYVK03C5tQU7SdUm7MtyjRyyfU-WtWZY7sfwNLyTApvOZk0
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dwbo6WmQHoWlTRjvl8xjhThARiuHjrJTFnLvW401gQGqo5l-v_mvyxalZNXxqrK1tEiCeIA7setQvHHCv6yjgIaYYVK03C5tQU7SdUm7MtyjRyyfU-WtWZY7sfwNLyTApvOZk0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
newbottom.php
sorrelma.com/ Frame 103F 		496 B
935 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=eGNKcDRES3FLSzRISDVYM0FEZDVvUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5E4xqYQ26HVT5MszWTy7lMY%2FVPhYrv2wJnnBKBFsJ%2FDYsSfr7G2X0%2BDuNo2gABP%2FEsTVb00Yfc6fgudZUzceoOSJ7XG03DH71Zi%2FukyJNfE0YOfqr5eki2yKdByEIw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baaf8a66048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
video.g
www.blogger.com/ Frame 7A34 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dy2V4Pr2u83-ANpjVMPvEGUg44Aoq_OUnsTzL9ty_Ypqnetmu8E2zCDBiwQQo1MkrHzsLsaOn2Df0MCHzeSA1HxC1USc55RnkLYU_HWjNKELvVZ9w3-EOZ3hS5TXmMAPayNRNkw
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dy2V4Pr2u83-ANpjVMPvEGUg44Aoq_OUnsTzL9ty_Ypqnetmu8E2zCDBiwQQo1MkrHzsLsaOn2Df0MCHzeSA1HxC1USc55RnkLYU_HWjNKELvVZ9w3-EOZ3hS5TXmMAPayNRNkw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
newbottom.php
sorrelma.com/ Frame C9ED 		496 B
539 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=QXF6WVZGMlFPWWNFeDZST1VlUXpKQT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAO%2BLremmg0%2Fzh%2Bq6QPqoZ9Wk9dIc51QwOZJBGx0jaAXbsM%2BOzYgishD%2F4FGsrKjW2zR2s0vBFpy4Dzo0nTT9fn4%2Bt07gXl0xvOu%2FwDjg0dOU2yshzJ1pjh61AMSLqE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baaf9a76048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
newbottom.php
sorrelma.com/ Frame 413A 		496 B
538 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=bFR2enpnQnpaK3BJcDJ1dFpyV2dqdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCQjMK1%2FoeQmOh4kfEtPb8AjW2q4r62L4IZ88OmccFUGyk2HB6XV%2B5%2FZSv9UrAOtmb%2FGxho%2FvB0dA7pUtrj1gQeygfTYD%2FCx4qeQNgPxesdqwbGw4CUnC0YMprQp8oc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baaf9a7b048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
newbottom.php
sorrelma.com/ Frame A6CD 		496 B
541 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=N0xnVHdiVkl5VVN0VVpCMS9HQk8wUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMnKT47fHDkeSD5DhbF20vgxo%2FA%2BagJGYHY%2FT%2BZ4kP%2F8b9ELxNoR3v9KIT5yRrOa8%2FiPrEMz4cREV0l96Eb7AV0VGEu7TJ%2BXFMrArj6zLypcg5Ho0glr%2BRPohXe8Dng%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baafaa86048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
newbottom.php
sorrelma.com/ Frame 94E6 		496 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=a2FyNEFoYUJZQVRzaGZuNlpRMU5DZz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1vt5K%2FtheVCWb0RpOvKpbnZN8ZlOYSjVTOD%2F0uO9LJsB7FjOeo0CyzLOPfBEsR6fDr9ghaQKux3SJkeM2pUvUoOIb%2FIaWazFzf2t6ulLvVwn0hVpmZHgjJE22UD68Y%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baafcab8048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
newbottom.php
sorrelma.com/ Frame DCEA 		496 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=RWlpUG8xQW5mZzJUTG9aYS9TWWpWUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41jUDX5yjNkUBvIncO0J57xPuUM3bEBNd%2FufqP7cBUIGiPFTsoX224mRrEW7LWVS0%2FE1cLjsmnhwoPb2JjjOFGD4tgTQT3Hm5Ai2GURQFDli%2F6zioWF8JhVoyt9tHTU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baafcaba048f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
newbottom.php
sorrelma.com/ Frame DF8A 		496 B
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=K3RlL2IvdmIycW5sQk1IRzZwQVpYZz09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMKzyBiRukPTR8hhM24i2fWeVTaickO%2BqLLsJyh0J%2BdgnuRq08bQL7K%2BVNBM20sU8nEB1PTC5pZHWBTo1hREFRW%2FRL2a%2F4ndv1Ii%2BAdZJt2xfpG4AAMqipHHzJvwCto%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baafe86a409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
newbottom.php
sorrelma.com/ Frame 7B36 		496 B
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=Tlg3T3ZkUWRFY01PUXBNWlRVNWNNUT09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnfjNb%2FI2U8ylHcY2InjPyCYYxe6cgflfvHtlIMhE5Dnqxqh6npQV14tkJXq%2FqYq%2BfwSLUszlabE6ZR0wNdZF7%2FywhpuJjNDJUNdNlzUlD4TLIMBGuvRjo%2FAy4It8Hs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baafe868409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
video.g
www.blogger.com/ Frame F8EA 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dwxP2r0VzVZJOiHaYWOT5pF7hV52_dbHqHy9vN6mbVgYQUfGwlDe4hTClZuL6AKr1UmECAGRl6UZ3Hh9FrbY6HOjSs_TOChMvEfR0ll9nRYrWFSXgLknoDBsf2CtcqMy9hBVL4i
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dwxP2r0VzVZJOiHaYWOT5pF7hV52_dbHqHy9vN6mbVgYQUfGwlDe4hTClZuL6AKr1UmECAGRl6UZ3Hh9FrbY6HOjSs_TOChMvEfR0ll9nRYrWFSXgLknoDBsf2CtcqMy9hBVL4i
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
video.g
www.blogger.com/ Frame FAEC 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dwA0HvO9ySrTA4AtnTmz6rg7pDmVi49eCSMfoAiCYVq5bGD4MrdyazUj1pySxr15OFEIQBmLCD8GWGqrbD78iUY9dC7YJRRkIyh_SkWhXS-g_C8C_at_CN8wiofN_tUj5R4KdM
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dwA0HvO9ySrTA4AtnTmz6rg7pDmVi49eCSMfoAiCYVq5bGD4MrdyazUj1pySxr15OFEIQBmLCD8GWGqrbD78iUY9dC7YJRRkIyh_SkWhXS-g_C8C_at_CN8wiofN_tUj5R4KdM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
video.g
www.blogger.com/ Frame 6270 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dyu-KDYiQjmrzsOv5XKYtVCe8iyczSnjMGwhCVgBCRQWv8Mt4EJlQuFtZHNmH_UpGZ3YfqXI8wSf1qD0EnaVbFp_V5XW8BVbE9FAIXTGBSgwT7pSedo4jIMNkVP735lFcSx9r0
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dyu-KDYiQjmrzsOv5XKYtVCe8iyczSnjMGwhCVgBCRQWv8Mt4EJlQuFtZHNmH_UpGZ3YfqXI8wSf1qD0EnaVbFp_V5XW8BVbE9FAIXTGBSgwT7pSedo4jIMNkVP735lFcSx9r0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
video.g
www.blogger.com/ Frame F817 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dxOziquq0qY23ht3patikEdWb-M4mcdu5vwv_9MvMME7iLKK229_DmigxG4BnRjjLWDdftCAlLeIaNMLHIf7Fj26cKz4w1KDxVLf4xTHEp9J25i9Rh72nnBQBwgmKNa-rKM0G3V
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dxOziquq0qY23ht3patikEdWb-M4mcdu5vwv_9MvMME7iLKK229_DmigxG4BnRjjLWDdftCAlLeIaNMLHIf7Fj26cKz4w1KDxVLf4xTHEp9J25i9Rh72nnBQBwgmKNa-rKM0G3V
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
video.g
www.blogger.com/ Frame F3F3 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dzYtFM2KnRS7vtOZwJx9JW3NsSuamg-_-8CX2zBB8atVqL-f4Fj3dBj0cQ7kg8bfkvOmZl_zU50azldLUxv0UYOiMN8nq6az46LJCYwLbXyIXXsFqCdDT0Cna7RtiMAFq9b7UaS
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dzYtFM2KnRS7vtOZwJx9JW3NsSuamg-_-8CX2zBB8atVqL-f4Fj3dBj0cQ7kg8bfkvOmZl_zU50azldLUxv0UYOiMN8nq6az46LJCYwLbXyIXXsFqCdDT0Cna7RtiMAFq9b7UaS
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
newbottom.php
sorrelma.com/ Frame A03A 		496 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: tvking.net
URL: https://tvking.net/video.php?id=U3VqU0srTlhSRk5obUNURjBaWllMUT09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
HIT
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xwlg9qYDNhGcSDuT5nHOVAzOY2loiHN2FNPxFNzTicAvADOiI2ZJn7YYW6VofR4TFh9zVO6HCHlMT74%2BPvOUfnzROUgyxChOKFHZfHiVp0sH%2Fs4ztOPXK7xXM7GG0Zw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41baafe866409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
video.g
www.blogger.com/ Frame FD65 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dwO3cqciAyv5mT48Kc-GWghHqQxkL24ngctktDhTIHV-JJFmxYbzf40dAybudLmbkD1h3Cj-R9D71fC19ROhNfaV-GsebFWi2D8EnCGMR-DVMxDxDDoL5gTbh09xQJKM8Jfers
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dwO3cqciAyv5mT48Kc-GWghHqQxkL24ngctktDhTIHV-JJFmxYbzf40dAybudLmbkD1h3Cj-R9D71fC19ROhNfaV-GsebFWi2D8EnCGMR-DVMxDxDDoL5gTbh09xQJKM8Jfers
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
video.g
www.blogger.com/ Frame D9B6 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dzFToud6eOwF6DDN_USuHvgzQ7lyQayXzWoZpEr_XMHSdVgBch07eiHeEvB49bNeIMoH-UhY5HrVRYjv6MKhjyTKTV5EM-WZyosM3tUQyIWVoY9yLNmzfkZM1fmfwzNuGsa4akb
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dzFToud6eOwF6DDN_USuHvgzQ7lyQayXzWoZpEr_XMHSdVgBch07eiHeEvB49bNeIMoH-UhY5HrVRYjv6MKhjyTKTV5EM-WZyosM3tUQyIWVoY9yLNmzfkZM1fmfwzNuGsa4akb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
video.g
www.blogger.com/ Frame B0E9 		819 B
501 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/video.g?token=AD6v5dxqy7I0uiLMlz2vz-5QJwBFvf2BaDqL80icaKCXOxLU9GQSt7p91CVfkjF8DIbzsSoAJid-U5nxdBBe14M7Ycwgwn0Twp80t4QtC4nrSf8sjL-TESfe1nFG1Q0RKVNIk9_4P_Bf
Requested by
Host: tvking.net
URL: https://tvking.net/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f9.1e100.net
Software
GSE /
Resource Hash
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/video.g?token=AD6v5dxqy7I0uiLMlz2vz-5QJwBFvf2BaDqL80icaKCXOxLU9GQSt7p91CVfkjF8DIbzsSoAJid-U5nxdBBe14M7Ycwgwn0Twp80t4QtC4nrSf8sjL-TESfe1nFG1Q0RKVNIk9_4P_Bf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tvking.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tvking.net/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
436
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
log.pinterest.com/ 		0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=G6dLpsuvY8gR&tv=2021082501&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html&viaSrc=canonical
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pinoytambayansteleserye.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
1
x-cache-hits
0
content-length
0
x-served-by
cache-hhn4082-HHN
pragma
no-cache
server
envoy
x-timer
S1635230804.491627,VS0,VE93
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid
7825653603092931
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
sorrelma.com/geometric-tattoos/ Frame ACD6 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
EXPIRED
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDbMyFcZeIisIvZdq6uDAZrS5ypjSQs9Eg264fIMefJfoZU4tHmVY4Z7lgiFs3PHW3g5aqSTRNb19kgul9rkYU4VsUWd0MEm%2F6w9kQ6q5VuZK8FPi7QB219FIbfB3tU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab0597b409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame 8EA1 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1crlnJumh9YvIi%2F5vPRZb%2Bweuz0Vs0s8T5hB6HGHef0ZMG7w7%2F%2BK3St9vIpPh6aN%2FfZTiy4DA8dnxnYd7oidt9U94SIZdyCY0QNFnhz8bb1E6RIMx3cKfEfR%2B41eRM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab05984409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame 11E4 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec%2FQ4ySk3OQzaccYX1VmHkfMteAtOj%2F3pXVKMpbCNZIrqfVLBjLSE8TcfYRLKaFOb54P6sTj3HFkOkP2GaHry%2FoJIeyK35S4Cw79jr5qvdpBNcHYCT0v%2BOrAETRuG48%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab05986409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame 2E73 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULrBw5eY5H86KzeTeDePR1o8xHnmt55GAJNDyEmb2odc1N1fK7k5Ajng4igdJv8ZbqhydcRwtnaODiere%2FAGlQJJpfNPQJj0GMeGhhL5HEZ0CqsMH2XUTdrOOr4%2BbmE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab05988409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame 9940 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0AFjoy9YkvMHQsgjgpKAiaCDOSXDOTesmDBSNd0Nj9m4NdQ4hUrVNwzsNc4z%2BZN6SgY5OBOOMdGAKckdpIPVhpGH3ZGfTwThiGN9snDHJ2UgxbklEwG%2BZ1dI%2BHqq18%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab05992409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame 7893 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBBkV%2FbAIwEP7hfLJ%2F%2FXaBucFoWPGs7b7Ezr9c6piMnaRt0xatTPUsQXxaoNYYQICZUse5FbXBqXDrSwSPvBCEXOSNn2tbbolWmGr5AEpxK77QGnFu%2BBQTqoVMgdaz8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab06999409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame 9C7C 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blD9Wj2zxZUuHTMRwZIY%2B0mRTS26lccrYi9WjKwpLpHAkC4nqTwd5tdylETkT0yQsCqihbO1f6ggjtkaIs%2BXN4eH7HbhkpR8r48yXqV0TKymaDM8X8AsvNW3Y2y3kS4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab0699e409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame C4DC 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmEyuyijGoN9%2FrebZRZZ%2FJ815Xz133lw%2FSadLuUqLKHjqJKSFktUzrVn0bamh5nO2NgWv6K5ZAK%2B84%2FdM8UzpTu7CfVDDr9uGcBBzoLcnRX3Vi67up9fmi5QCZ9mAn4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab069a5409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame BAB5 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aG1GODkExQUb%2FCeUM0tDiRHDOR75U%2FcIDnbT8mzM2%2FoV1tnvsGAsErAEA%2FphJJiLBNVjwapy4dlhDlLwunvPbuDD8r2aK3kqZBYRUUwbsI0Oa5%2BUZA0NAqpeFX7MxM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab069b7409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame 7260 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoKSYbFXR81lmEXpAwQifc56PxBkjO817VhOqQK52v7JKA5gGcGY0klqbL1mSO7cGDF%2FcqyJrM3VrK6pFA2cSXHEN5jlKNl6V8uDV9KvDMZB06VWTt1RCUY5Ow%2BTPr8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab079c5409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
sorrelma.com/geometric-tattoos/ Frame C14A 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sorrelma.com
:scheme
https
:path
/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/newbottom.php?utm_source=facebook&utm_medium=Social&utm_campaign=remarketing

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-pingback
https://sorrelma.com/xmlrpc.php
link
<https://sorrelma.com/wp-json/>; rel="https://api.w.org/", <https://sorrelma.com/?p=1056>; rel=shortlink
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-cache-status
UPDATING
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfynBNullk8dUFX%2FQFFz%2F8UVPFW8zS%2BQoxWj1H3b%2BzNH6jJK0fxJEIeRP3aOCThn25Xcrx%2BTenbEPwzoGEqaT%2FTEGTnEQao3L%2FKUQh0xrNelilHyK8%2BGLIe9%2BwNSXfI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bab079cb409f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 2E73 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur4%2BwBZTrf9ebP0ps0QTsyUSXkPM00zmESMOxbDPggKTRFtNaXAJ0tyZke%2BcNB2TXPNzR5B9rPqqv1viXw7nUbSlSGCIMjHbln7Tee%2F1WDBsYyqrxNZIfP7rY9m0r9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ba66409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 2E73 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjOLhrBPhhiK99fHbPasj1wvyOx%2FA7MpEEOjU%2BLc%2FOSC%2BByCBu%2F6MFsPWkNu5%2Fk5IKJO09FCq2HIhp%2FpdkPrH2paXEXwwh%2BuR%2FYacEdhUC4sluy92u3%2B9JPeEh5pHGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca71409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 2E73 		600 B
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfmC5kgZkpW%2FY9SBuCq3wCXCikTR6Zc%2B2rLEkB713nhVaVwlvvv%2BHeVn1%2BC5PU9ieK%2FhIsG7HA045YAwqIkhfwtpnSQL4LkaK6ZMGOx0WoXqGawv0IDQrth7V2%2BdFt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca72409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 2E73 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVeNlrgPVt0KW8DF0kP2i8VrmGLlutUjn1szJS0ZJcZYUJj%2F78QlMxV3E1mwdbM4CLoXaXCM9iMY4JH4l5%2F9KPiDi%2Brnyax3AE%2FpVRPWfZ4Mn3a77sYK%2BZED9J7Yo1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca73409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 2E73 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wXUXmdCafCuZctifRH8T%2FJBSEhRpUUzMvh%2B80rdhRamv7KegGmQhKHTkw9Well9YIxpBWcZyjqRLiDN5N8D3WAKRnLUPApj15orBNMhnE5fuu%2FNHYgsgklblFm%2Fxls%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca74409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame 2E73 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:54:08 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 2E73 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oqqIo4oTw3b7UynsLo1cjC5dqwkU4ylswkoaG2UQ1aRXNFECZtxcIRo4nCYsOVfFH%2B3gb218DK%2B3UsPdL0cBmkOnwruHWfSJrKy6j835iqdeL%2FVR7%2BkLz4A2b%2Bn4%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca75409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 2E73 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOt2sIUBU9X1CVLguCclGgW3W7GXnuYP0GJa%2FMQFU8MhfJqacRdE2JAziQwP3SrgJkzmv%2FR5AN4HXq8eUl6C6oz8%2BF2wSkjcKK162WEQD7sYAxcmTQHLEGZga1BVsP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca76409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 2E73 		692 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6OMzLIax2DGpBfYgkZQUkiryCImu6f9tcI8HM0sz4xqxwHS4%2BimAD9N6MV%2B9NQHEpU2vIr%2FTc2UdCk2kh5epX8vUBnpsIzfs4BHEJUHNEMvEYrcw28skpDuL31pnR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca77409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 2E73 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAtQRngzbuIi5Twl%2FHZLoqg2D3MxC7PEdlOLdHwrUU2qfZrOhJfOIIskVaAhMR0WlFZfDPVOS8l1T0w1GTUB7bPt%2BlFPxx%2FyiurIX0FXN%2BSdYsqj%2FbmnnKijrM3uWuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca79409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 2E73 		18 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQgDPsk4eFgR8WhaotUOGg6lhE5ScSkQGnD6hdpDf9Sc0C2CGHrDCNothM92MEHRw5Fwi1WoJ12E8Jxwy4GEqE9kBMgIlc8fetl%2BvBmzqaZa875P5AuHMJ%2B2jImJDUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab0ca7a409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 2E73 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH4GapSYEFdpuagAi5lbUQmswl5bHkkWBXxOIEA31uLXH2eWGlpSRO44Kbl97HnygCNAnaIO4S4D4wggTPHhwqp9TGqx1ifv1psIniYDwPhJrplrYoE1OlaP89gBFYyyLzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab25accfaea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7z0i%2BDLtqbllOWin8fsIa358zxbToBahkdJLM8hpu7pVpfsJMQZl5lkuhptDjrcsy9SO2E%2BxjBUZdIoUnKMLcnG2s1SGOmLLGP4DIPEo6MhpNZy9VSxX0gLvrDreK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20d99409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWdFqQbS2%2BahPz2tYme2uilX7vs1j9egDlGDG0FkbbEG303NXlbnsEbEaIJ61HvJZt%2FCizPsRza%2FDwwSwfO%2FxZc%2FGKdr1JXkczuPxRiYrdT5rZVupPezyLPmd%2BJunGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20d9d409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec2PB6h%2BaVwbhAXEZWKZim6fV5m6JgiS2eujgPu6BsAV9bTPjwgxZI7gvhvY3YvKKIZtoaVjnjtbeqFJ4J7u9TGPg%2BPr%2BsJGijpF2WJGKRzi5qbRLyN1WSKw8KmfXpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20d9f409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC74P9Oql2IsjBe6A%2B51kmsVfBzbSfTpTRgwC%2FNtg7GWKMEIHryXxQkEvDAZCHN32BEtxc3i%2BTkWDB3uiVEpHEqW4qrJRiVbMcZ8DAoLnZBPkTuLraLzSvnPI0ztOPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20da0409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FqEweIenZPsAOVsy8TUgjA311a9Cllm%2FC%2F8hPf0%2FjLatK7ytZ7RjBCGgrRmUoVgY3tK8FB4LJ49eZibgY2ZYwrfnhgujSfmJY7gzudkxDlmNpzwDOkX0Y2Tchp%2BB5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20da1409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vklgfdUbT8auBXRnB2U0M8%2BZLlpCVICzD95nYbTkSf%2F40L94toHoiIOTGeDHnyAR7ZR0SWqUPNl1ZpdMr%2Fdlp72yEGISoGkeNSmDx2xkWxDF7rLHt9ZGCUuVs9%2BlJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20da2409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1c9%2BXIUOyKIfwC3ytuKkM0TVWV6R2R9n%2FADFD4PGXysh62OnRl9YiwKA5Bn3VDknenQhTsqs8qQBA8CTKb0IniIIQky4QO%2Fue9W47yxJhM2bBX787ZhVi0QoX3xtfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20da3409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLz%2BZTQnK0O0DNDG7k6mxToESZ0hHVRVTiw3RC1hHf%2BRKqsEbx8G%2FOu85Zg8aXfnDLvcGeCLDXzbiyGALF8NbkSZWYUc6gcJ5DFdwFgrsSLZkYu2IdAWiowL6Bgiz%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20da5409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 2E73 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgjm1boL4AEg0A0o0%2F8Oux6Fsth1kUhLM%2FvDqFRVlmUn7lILHwIE8ayVcKVXcOWNvSHPTs6bULn0LzBQTItj1A6LEtE7YU%2BM6yKH9E2ODx7HyKmw%2B506M2%2BOKpx65Ww%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab20da6409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 8EA1 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjDDADdD8q6mZpEjLLOjJKr5%2BKvpboirm6eBF46nDFkQ96u136Ogkd5PL5KOkaz8SRG54E3zCpN2xLtPGhIZekqAxLetL%2B4zv73xO5xwngJ7Z%2F4KSD%2F1zgFMusRGxbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca86409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 8EA1 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmLsvadFueIiWjUR9eKxei5ZOvOGBaiKau8nE%2BVY0q3BsugCc4DuMQGdRLLqUN6EdGril4itP7MQ45dDRjLKHoXO64nKSP53l9%2FWnV1voERi%2BuMyPOJMK1BhOzMnRbw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca87409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 8EA1 		600 B
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTd2GN4kr%2BReT%2Fn6pSCdKjpqQxZolzRHJidelfAV626se1czMBiD3wB0%2Bd7B8Vo1gFIASmFxJiAtA8eMSkKXG668J5QT2r94u3d3CxR%2BrD1g6EO5A9Bfsr38RJzzyuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca8a409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 8EA1 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AjIdE4WtMPYbwHloTpvt12QA98HOm0eZsdg41v13Ensh1%2FTHjCeOhdkzEkAABNZdK8Li8HVAJJ%2BfRWhZ2jtxvpLnzgkgecXFgqVx6ixJ9UpvsNOdetDlYyCTVbK3iE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca8b409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 8EA1 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3S%2FWvjZTIp4PRUMVYxWL5z3D7vs2Ol3vL0rbDiMjaawKyBtho%2FdBfFiCTMqWMFt6KxNDBiM1%2FCn4jGp2kW2gR4PGLppBnbLtWfeKuJWmrYki1KLNVBGlpYWKCtkTX%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab0ca8c409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame 8EA1 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:46:59 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 8EA1 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OI1ggWmznDQon1SMTAdyeZW%2B4i7F%2BrzX5h7FyGzJcvFHuhnXadlDRdNu0LBsSQsnh3WpeDG6aKz8cxqB%2Fx3zGTpTKUUTRgq9DrgCNR4wbSjqA0bO4VOkr5pbcHtC%2B6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca8e409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 8EA1 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGuFMdSR%2F%2FoQU%2FIFtBhjK5CsCdOTSEvA7yoltSeE1RR1uADQ%2Bb4FzZvkz0KrJt7wfTezRfzy4pZhFeAiguC%2BCvAUkYJRuiFryjRgEg12JaK9T4CH72VJELntqg5sFMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca90409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 8EA1 		692 B
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvdhbskQuIxC0b2i7yFyM6dg2TOY3QBDvxEN7EzRJzyFr4R1XhHzYcLYjIzgfQ7DZSjuyQDJ3IjLZ9oXP6qMa3tBBBoAmr%2B5RwrqgatXzyAWRqprPk0Y%2FzmNNZNdjL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca91409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 8EA1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtA5bTLyLIzmXin%2FrFloPqHWti46l5rUYPk2mP0yFUp8girlz0KBOEXmTR9Q%2Brobk6kpTW5SqxGLQF367913eqK8Qum2AfAZ5hMqjkNf8j7%2BaS3amLGrxlf0Hr66%2FhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab0ca92409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 8EA1 		18 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGRLZkjtvGTuOPt2bPisHw6IBzzYu7T9ZB%2BKXmnSOJx4%2F4vtxHOOS5dz2zR%2FAtpaGOMmWtJf6HksU5lqROPoxu9BlWIbm%2BdjObf17hGE9QmyA4uBa794VU8nczHF%2BRo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab0ca94409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 8EA1 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6k%2BM0j5lLSofAmM1Bcxg8zQChGBjsRA1FAoHYAVPsezz4%2FiSAeP95jsqL%2BloeseW6e6uTBXwwYUZcaqXncw8HOxNkZmcg7acDNBKPEJcY44pqT3atNffWj0bwRlq1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab23df9409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 8EA1 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySnNd9iymqfn0oH0NtiwqAxAnlNgu5NUOoAx6jQpl%2FMLAIwBqSQ22O9M5gvXE3ru8t9EgQUCePjYwWSdmvkOSKQUypqXENz%2FmmrtoviwCFh%2BUuYJGxUZWFOsgACDqRRo4KE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab25acdfaea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfZ5NwFmeWXlGeau2cid4bvYezA%2FbnaHmaL%2BUArXi8qp23fdiwBIq9p%2BZ5X10kMwvL4XGSWK%2B%2Fmw3cxGhWnxUK2YnN8uMESASDfwsAnLEwYFzCiv%2FnLSSJjwZOKD%2F5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23dfa409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZnP8qbPNgPboZdtz8x8dXcUPMmsgQ4tA9iVTImwExm8BGnoQ2BrBsUj6HbQWvL5Elv8WQM2h2hQYgoKZlnHYeUKCsUDr6exDcFQFgGnuIkvzMLdDKzQC1BDwwgM%2BnU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23dfb409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gydHdOUhejNaU4uOJR0lQvyQd3GR3g%2FouLqKgeqNR5%2BL0%2BPnsbYFMCe6rqUHYTQyod70xR0S6y19fgb1RNlNnTWF7NJ54K6%2BCzStFrsRTWugJOqS84DNTEzTmEy1Io%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23dfc409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4G3HOW8bkt7ujE1LlnMCzOS6u0FxvFGLGQJElnkQ0CmHka3MEbn%2BnYB5AWYlnfFPoXZqFNWQKa0poEvM57owwNXU5uc3MocC6dDZCaKblMDgloOgT0CgOIBIfCPPsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23dfe409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BlVkaOvJFMtlKtPnGQ%2FDPi7HvEviZn8zvrA0C60e8tZpK%2B1woDC5YcX5ja0vM2st7e1Gkn4njl6iMSD8UcvxYZFmDj30g%2FiIjpGvpWHL%2BLdBN8BUptZaAWty3w1ilZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e09409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F%2Bx9oNO0zWBltekPMgAJzGEFAQ2Pca%2FOHs4TiNHQp8XGRGySiZ8Hc%2FNqk6SUUklaPHEHrqJDaczJUSFygxY%2B6hbAMhaGKgMwCy%2FcMG5kK393M4L2QKuxvB6U0YnHXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e0c409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r43pehfRqhy%2B9j5jV9RwqM8m6tIOZ8p%2B8DI0fuw6VhAYj3xFLIEgeXmfzBEPYyG3DrYBgkm8tP3R1U3l1IHnJV5oZhp5ZWIXysMO4TlaY2vp3UJJ0BWCTzE%2Fdcx8eUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e0d409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKFZ6Xv0B94VIQZDtdJQBXUjnMdFmhoJcURmWKwq57CNqhxpaqH7q8cSCXmVSVCJf0abC8iIv8R4oqVzxKpsfZcv2yxUJXkpwM7AA7HoFE60k2fqLWYBipQJWHK%2F70s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e11409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPvQ9gDJj0L86EDojehe0Yao3jDvmrGMCtJTtM5LktcgGK6sg%2BiSTWOjRRafuyaa1SabsFS38tUeQ5X7ZxvRfIm%2FsyxuZYnOby9o508WaCxcnwMLFbjF4WF43sUZiG4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e12409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBpKt90sSE1qg9VelsgEFhnysTQxXdIiMFGJMhe1p6Hg6YH2akZEduVWoJz%2BNOjVM4QxGrdc7NPTVx3GX2gUjg4d04f2SdRDkLLa75wc0YMRn%2B54EAhgdlCJIZIx3xI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e13409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FhMNayyuQrLM%2FO7K3cPALAhLYVPr6b7JjMEeNViWSDlE5nKm3TTKYLdtml2SR8O5YfPucAfcQ3reBAgQpA7GJSDAJiUNglXRsvZHbkmhe6s0i5a9a9tXQf94lUIPfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e15409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIs5PuGI8w%2F5SgmycF2a9UbmPOvwbotj4Cb8i58gJHVpQwBX%2BSRYNwJiStZMlhOTStBV3U6G4jY2oX300Er0AIHAghhh5t9LEZh8R7OOmZOK%2B0D9XjQrFqHs%2BmxX7nc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e16409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QT%2B3wTB8m9tk226q2%2FgfM1x%2F%2FRqu0pqamOSmmbTWrLYLF4my%2But76%2FITm4aFjM2IMODaIFCRNHpc19wGzlIeOXDGs1bzLnBA3mcqSxOh0X6avCmDvlgzyCbcQ3CxgW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e18409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 8EA1 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAM%2BIBTW7sqVi6Nb8hiPO8r8yqGlFLpfUjXGbxYNm3vUkYcyNZFIFROA4W%2BZNf9%2BCyeySAhu%2FqlaFHrVPDi6FTIB5Y1BzUEpiLF3mW4EtU9qC9uIi%2BJahjMFxg8ruco%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab23e1b409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 8EA1 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:44 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 8EA1 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGdyzbTiGkiVxf8KSsYIp%2BdJ4wANHFaKt9NBzJtobt0ObDahaJo%2FHIVIMX1YscFBsCa%2BeEfwzwm6HCqoX%2FMqGpurPyez82crVagqZHvG1OCqNrufpdf45ve74MQB%2Ff8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab17c16409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 8EA1 		48 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lI2LPAP%2BkGmE2fk4YUzPCz1ws30fM9shk%2FmvShj5Og%2BpFF%2FBkfj%2FSiAA06GvGOmLj0ZoIp2ne0byWkxcoYnCkhf4VkjtfFsED1lLYILBCoS%2BAZmKP5bZpaxE8P7opPA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1bcac409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 8EA1 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjE9EGb1H065b%2FjHkCntcNmTAU07as5dcLqElQnCiBwqUJaoJzB3Qcn8tv%2FBgRwWAQSMzqoZGx1UiUR33Zunxwfey0AWl5OgHku2reYGATLyvNkl5y0xUzGPXPc4bT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab22dd5409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 8EA1 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbzYiF3LUiijK%2BMML4fLkOvnwijHvm6%2BRG%2BBFZKS%2F58O5ZJJg9dJI%2BsjkdKbXCE8Pdr4Jym%2FhPGKQucPkf3L1%2FhIB%2BwK2g3Rc4qCykYvXri4Yp%2FKadutnYeTR2cBG8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab23def409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 8EA1 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3fKYGqDncigUxS%2BdZZTizxkcwMp4GO86YGE9dEhFMRzcUC%2BnsoNNffA%2BIwkDZ7Y6uif9MrFfYLqBWsV9YFRmy%2BVX9lh8R5oZ8vwr2Pn%2FLR0piq6cH0OCNjT0nf811k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab23df7409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 8EA1 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiKwWoNvf0pzWDXUdDPSABTW2OKgMw8atXTCoWlKgSXURv75LIlD9T3yBeyuyLXvmOUvOk6uEMtvDSZo7Ywdj36c7k3xHVg%2Balst49TB4CjlepCj0d84uPLFPE5b4sM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab23df8409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQmVJiroxy725UytyF4IUztUdbM3j%2BWAmB2%2FQeAPqPRtLixL8sf0lcaqWcgD1%2BDWmeJvxItvbMLjDrx8G4MtB%2Fjgc4eDWfxY1PLy4dQr4C9KVLexm%2B7egINRKPYn7XI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20da8409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYoGWQVbbTW4t9Lb%2BoyxcT6Biriw0mtHSh5h0LQXK2msIkA5z63QVfiDX5T9ln0eh1WkdU%2FsIkdkpGoxl5H7C%2Bo4m6syxZ%2FRbc2DJpNi%2FrtFjeKCK%2BGIp0P%2F%2BYeHUPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20daa409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSrjTbUhN3FhWHSM0BdLJOCtqp0pQAj6kLFoMjk5hXrLx%2F0nQsoWo9yFr6J7SOQt%2FcypWITE1%2BAnMSCAgBPdW3nJtTerZkUdEvW%2BcTwufqAQukRZVT31qzMcW4bcJ7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20dab409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m1xAyyF%2FT7cGxBeANY9vmWhbUSDjRxyXnQ%2BxMSngNmG2aWdCmSrHuazp2DNXLRBz%2FWKp88%2BO4OUqMRU5GpLUnqV4DBuB9jSEr%2FBvfBDgYcVH%2FnY31DVcgO%2Fyohzr9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20dad409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENaUMiAOsksVRNqpgBAzAvqFdMbJl9NBq%2F1komT6MTY%2BTXU7y1I4cEXdp4A1TS83cXO5vZxiawy3y5RJ1WdlJDldSKa4bf%2Bg8lo%2FT%2FpbFEBVrMNAdUTKmYJuY60M5A8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20db1409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 2E73 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywk1P%2FiuRGLbJUmDr1UI7heE7y9AGhFOm8u%2BWI%2FKigCEiGf3pooaA0YP13oxcbBUA%2BifIo4SySqe%2BLZUepfGgbNbAZuh%2FlsTVe44OOC7FO1DvmumOwDH5n5Y2wzamQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab20db3409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2E73 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:44 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 2E73 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COuvvfvr6KwqpNlSOThKOB6V%2F3BnIYRQ0evcY2PrT1zn48ini9PeRSpOrLv%2FCCpo%2FYMJ4SFLO9pBgqOIeo1A5P0lsbJtjQh2uaqp4Kq0l0RfNRtGJJHkzlxoce%2Fl2tY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab17c14409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 2E73 		48 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjH9i7YAlo23yV%2FSq4AI0QQmce%2B0rR3yomJJhFEhxY3A76hg5fGVPudJv4c73jSJfgikW706jaLzTxxbvF99HY8Sgl2EwSoj6Vgx3BGCHKHk3Ajz58uFcZAvVIP8aSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab19c5a409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 2E73 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Bnz61cmsS1IPQBSMgaGxC49dJBqJtyuw%2B2ZCzVq2eXzlTyGINFNXPfK9pf5hLQqvubQhg1%2BW%2FKXeoM%2B4N8zYz8nKUIt1iHSqPwfH6mqt64zKJ77%2F6hBpwPhY%2FfIzA0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab20d7c409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 2E73 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KM%2F%2BjVVvD1WFyaIkYO5KAcLIkhwkz0ZgpC3lHOMW7uAb11xeP8EeqGW1vusRAFcBnpjzm9GO%2BSZYxhKxM38RrbK2Tn8SOdpjREFjCgkTTaezDzEICiDqWGwl2qsc4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab20d93409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 2E73 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrbtUlBsIdH5iFPV6oZVvutYgdAoo3a6un93XpPQhCW7kzLKsdVcJEUvQpAX9B56DgtXU2zQvAo%2BrMUguLcV6ZNi9DhRVJMLCRiOqvWdf1yT3ZV98siwu7mBTC8uZyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab20d95409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 2E73 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRLfe09zbPv3EwMGdxNZiJD1POCIHlfEQ1dLvkqybKJqW2rFcF7CjCV6rw3Rf3hwLId5h%2Be4UxJ2EjfPvMPbKOQCZ5%2Bj%2FqKq%2BXBbgLuaHROLl3Z%2BW54CAkxLaH1aFp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab20d98409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame C4DC 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0OMn5Nqgxhpg6dPbyaPaDqb3rJitchkaWBYHZpb7889GK6joNPgcr7ny3%2Fcob35qy7NiYr3uoCS%2FsUk%2FDiANqdNi3pNe4j95v8GO5yVy9x6DOqliH5hGPT%2Fug1Ypwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab10b24409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame C4DC 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NY3FNTJRruGH2pVJXAXPzaNoO3NPTPZlQ6JRo%2BprAOsT10PFbCgfaJyGU0g3GtzefTWMGdMoqi%2FnKCwpdBVboc0O5lxSSupn%2FAX8kzc8OxM%2ByQgvBl%2FyI%2B0La2przR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab10b29409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame C4DC 		600 B
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiimR8lmVhUMF4TQRJnrLSJ%2Bi4Ehemdg2mJsrfy0pwNPY0loD8nn8ebeB3phUvj5oxYYcv7VWXumMjzF5OpOj%2BMf45JvvlgTpMMY9MePnCyEti70w3pafJlwux6ayow%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab10b2c409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame C4DC 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DIYd0%2F9QiFm1eq5QORD0tQdYaL2EeB2SYvrPfmDBKEef1uwuz%2BtJV6r5NUVWWr8LHKmvIvP9MDBrIP%2BtlaXDJA4%2FILdIMsx1nmKsQRWmQvAqF8pW6WXq9Gwq8i0xWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab10b2d409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame C4DC 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV0DgnJua77%2BY4R4iIG5kK7fBjWjKkuEoKBpUWN1DzAZchx5GHIdGWk9iRNPKf5jg0Rc%2F60zOD%2BNMbxS2NdtxcMbxrAzYbaQ523aF2V1c6y6Xui7tgDJc53FP3MVzsg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab10b30409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame C4DC 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:36:54 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame C4DC 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vecBrs1fjisZgaZ4c3Zk0VV1U7JTwd9RMlZip4oX%2Bofp0n9onzxn9dsZy7lAs6tPisTcdvrQK1fEEpk36O7dFetd%2BkpxiQUZFH%2BDkRG6PlHBhNDJ0Hs5Qnpbs8z7Ob4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab10b31409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame C4DC 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytn%2B06JR%2FH02OOxMWHZLZBEmOrkkvfW3O27TFmlWbWb7e%2F9a%2FpQ2Si7ywUGFfEOx3aoKT4Nknq%2BAPtwc0AkF6lLtIyR97bXoi3J1pnWP%2FTKBLXPo2FOHDXPbX5qVA3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab10b32409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame C4DC 		692 B
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdszEd%2FNihcKzNZr%2Fwvq1q5kdrSnx%2FjAFah7C5NWstAQLi5frpDeR30jtpBmJ4YKCo4tAc8XT4Ef5u26yy1IDOkzG6oZ51GhHZaMfA%2BWUst3gAi6%2FCrCO5FK%2ByCUJQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab10b33409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame C4DC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOIaUnWu1XIp8lQrG2lYAkmV7f5VbtJwlaY43Q1RFk3jZRygmVYk4yY1QwQvSphoM71ojh9W8Khzuxx5kevtbZub3QfeWGpTuCJw0Gl2V%2FJbUbqt%2BrR0xpCVVwQYBXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab10b34409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame C4DC 		18 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ1Uq0uo4ePQGTioyXL%2F%2F8DgmdhTDRDuWNXZS%2FNvHf%2Fx%2B4w3p0uFEXa6mypsWrsT8hJ7C7CQzAbjZql2lWTiXEoKyexC4bNNaH6sb5v8YqlMDiRTrRt5pSYVxqY9SUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab10b38409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame C4DC 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjT15KjKthULlP3%2BEdFGS5QsofPw15F6UbkLhvBWRsxa%2FTwbUQRO%2F%2FEQzOqQqb366nYy%2BfQs%2FTiigv%2BYhLy%2FqUE795603AQycDO3tZbSPE4Ue%2FoYqOjP3gACl00Wrc2Li4M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab26ad5faea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg8ssoh2jj9avCQ5dNgGMqS%2Bjv%2F%2BrEUnSl9u7CR2FMMbTl%2BsTAIxCgTS8VZtWL1BToSEQy2t8GuhdaYyxhWe%2Bh6YVHQmZnQdFSD5orrQ1rzQcuDWLtilTq%2F5ECUb%2Bc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e53409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIer4KtB4OzTre9WSF15H1WiWzrpGmfvexg4PJTDRz088ixohzv%2BEICQjlGTD7EK4lf%2F%2Bs9w1OTZ6VGtYiXdvmCCZTkiFCObNZNxGasfuxeZg70K8DAdK5pK0i4MHz0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e56409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEP9%2FvewazJ517nSe2lqE%2BhBXagre7BYmlIY8mdzVWUmLFrkn0g60SowIfW1Q8%2BmoZxwuLN3uAnPZJxY%2BXFE8rn3TfEvtFxzUE50BwdIXFgNdChXKrbnObyGUYzRuHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e57409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJ2isEDIJCgXUZ2FMODYLJXsGvWL1UFMbYoe23HW%2BIh6O8e4ZN7Mk7SWDa38%2BDxrbUUipBJOeQBDJR%2F%2F7KaIK9j8cUqZwXCl6EqGSqm0SF0tbjhEeGwt1X3fo%2Blu26U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e5a409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncpTSFgD7Udse4NUx4%2FQsi2Qltvs2a6kSV1ei6DpJPcLxdc7xlU1Z7jyAl2nE3PY9tcSS%2FMLjdGuYelHaJVhDKfnXhibQeLdKEDCKjRXe8ts8Yq28fZN8%2BYMxPJZmVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e5c409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2Fls8xAvOpzvLzbDRnNlzf4rZuBOgyrXIgUKwyQ5w8hpdw6W%2B1H7yUX9%2Fia20%2Fuk4V3qNkWEf%2Fi%2BHpd90IHLBDherYUNyew17B45nkjnPSqSpd3XH9QYYyGyxiPQ1cw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e5f409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCDQichyRAjcd96jyJ6%2FM9JvRkT2nyAKlCbe4nYiY5ONsGXF%2BRwLxWsFu83Yw4n%2BLbFRcltUmGCc28pb4K5vP13IPtUXbioVCTqe0%2BLpu1YkCAMGje7%2BCItV45bXoSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e61409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg0PhTBDjngtxrgJ%2B9E%2BDxB5AIthKbSzNlXdpZ3EOczgnG1Jm44yr4gir1Kb1HUtOa%2FM2Sln8TG3YQlioRx9NAXooMuAN64lTbTbDZQM%2FFu9XjfNo0HbEfSsFefRRjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e63409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame C4DC 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJcTZCExaolMX3IUbfFnhYHCtJZNT6nXiMv05EpYldlclG1sMaSeOcnokOvQALOS4fKIvR2vU5pQ17VeUE%2BoazrGk3SiapZFpOndJBj10eWmFrNIh9jXNaynafBBaeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab25e64409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 11E4 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQGW7Md3qhlrMPNlbMVMtxd3qjViNLywLyldLvWB9oRBDtcST1hIm%2FMO%2BkwQ4zxuVWlGPEf4d0qp4wpUWXG1Q3fhFfgW3CfLpCUgBMABE8aEM3ftjw%2Bi%2B9qCxjaDBWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab14b9c409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 11E4 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqZ7AQByHIpub3YqbaX1mMsIZEEB2V%2BNnuZ3stZ1190DUlgFNjFKJBla24T72VuK1um3WLwBa8PkTfc7BbgvdteCAJk4TNpcM1UtgFRlyD7PEzZUFXp8KfBkYucYqpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab14b9d409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 11E4 		600 B
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLHS7R%2BV%2BbiMl9P4cr91azmqGbEO2guXO4tmwio%2BGKBp9ruAoDXPT7iCd8mPBCiB2xJv6Q0b47Nb8P9es%2BCQv6AZS31Pu1Ik3CcSSnKS6dNVd49yoDyrrNZi71FHmIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab14b9f409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 11E4 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwu0a%2B8e6T%2BC%2FFNsUmTw5gwNQO8DJMpnjGyqzrppTzYEADWOtzmNZw6c6RH3nzEfJ%2BVxA428ul2F%2FQqqAvHcZWiBqyr5lAs7kWvoLn0yE5DuLChXHZFMw3UtaGololw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab14ba1409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 11E4 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUPO9QtCanT36dAqeM19ldkvVVIWL%2Bg%2BS3qvQHYuqSCUNFciqRn%2BUe3FkNTlhnt7Mh0%2FKer06sQmNrres8pMUqMzJKTGIsXLeVc7FglgamiDdMNyifrvRs4ZrihBLQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab14ba3409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame 11E4 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:56:38 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 11E4 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i03m8X2zuL2hDUGfokeUKcqJ2g4nrP7NLQIuqR8NIj208ljfA%2FDufMiErXakjwLSmek7D9V6FFie2JP8PKoSPhdD5owVV7V61lgZJpoM2yV2rsTXZQhK7NmHLIeC5ng%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab14ba4409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 11E4 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30Zup3Dk9pppSpMIwQN%2BwmjWiSuFLFjKDlz2LG8vJaHRj1IOBUvjFVFhjUSqv4wJsXCVMY0e3xlLDcoOITEYOf0Sp3eJL7bCA%2F9GtjXdXfZ2YIGUIqpNxk4LECGZGNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab14ba6409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 11E4 		692 B
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5qNuZD75wTuHZvhJI4pFxZ%2F4SY4HGFbYlxCft7uv830aANGgIXXaDHMlCg%2BtCio%2BmRcYbrZ%2BJ%2F17gtPLt1ReXNblB0EE50cjwq4xoOZvnwADsjtt9l4VMtwVuWqDbs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab14ba8409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 11E4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bqkq7i2YHUzwcnEe0xiaf7qo4rzr4uFsCiquI173rB8jStPAZT4V81ike9wGDW73SWvwttCd%2BI%2FYRX4TYSojtPe%2B2nH9BL70uDJ9VIbZJNKP4jgpJhax1YUEp5%2FOKEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab14ba9409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 11E4 		18 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTjVCJY901If4ZjI%2B7%2FxEPGEfzxlO6AKO%2FAKNvt28y40qx45mBCi55xU07tzpfqKMkSfWfOyn6sMQB9%2B38mZXhEdF2qijOoLXF6obRlpeHzKzIzZ%2FnTLiwP3LP85R40%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab14bab409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 11E4 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8klQQVg0egx%2B0VeWZlVzXyrcGm5hR8WgDr1EgDa05utfWJh89hs6%2B8k3OoAsaJApzE%2FsXctzadT2XNMsROLv6lRJe8JrY9KKbtKIp9XYhi9c6jk2313FuymsMGgQIlGEILc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab26ae0faea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRBHXevpKHTRoZjU9reUgSolRZq7BQcX7nyDzk87p64%2BflpirXwm1eOPND2KkV6LR%2FLwjB7fxHPdTq%2BPu2nNAYtev46eRzTePcLn4kUcJTMj8Zlvcja6ZUJSSKFK9hA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26e9a409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UEBn8TGfnXb5mdn%2BpNLP5Rwg4JCKP%2FGCx77BrGClIKfQnIUnGRaqe79%2FY7dU599SImPupXFzh4yoPRu9ofl51OJBh0y4AgQ1j5lvRL0oguJieZQCjUQFN6wDAuOBXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26e9c409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmxDPsEWLexghKK02R3%2BfWBPOGJJB9mxsKDmgvYJgKnHx7672Q8gXuxfdMNZFaRV9tbmS%2BX6GijKiL39ciQES%2FV17Fhpd%2BszMJO3V9cf3q8N6kqouBkal5XrCvkP7ak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26e9d409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAnWKgOXh08vnihMRtKDktrrlwJw%2BL26uRic9Gkx4DWrRQxEaG%2BHqlIkLMpZYCAtifUwKtWNCYd%2F0NUsqdxjRbrBw0DTNmDgYodcmXFdt7PMP24KyBMZO%2FUWo3Wry5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26e9f409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VICE8wYQMRjaUceugDmdgGDHBUMPLmB%2FnC5BmpnTUk0BXi0pXkVLtmy3l%2B4v8rneXETKNaVlM%2B8bzLAObCwXYoJ7DuTUY76%2B8kIgYINs6JRgbHE4SlPrtVZ%2B%2FwfBQRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26ea0409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAEvsk0x0E6IVT0QXQnHPmBDIMTRIMeSzg%2FWjQ8Rr%2Fo6ZTjowHfMa%2FG1IOEBhtvMBTR3wC%2FZEVcXZGC3S0qpnic28QD2XTQigQT7vcAkVA8Skyn2mOm3UoFNCUYYaGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26ea3409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ3i6BEwCacj6Ur77vxGes59k436zBRboATK1sPWBlYo73FpBAVSVSuKiVG7zPXzeeO7QmVuYZgfew1GbRG8FcvF1Cssm%2BaOF%2BITUiEFSbIhWzTYPx%2FS3ujA9OIVJ3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26ea5409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZljUdtWsGjsv3HvjLzJKQn7jPaeUzdZV7QTmzo9h%2FOa20oyNUjrSme6EwGsel6QA%2BD%2B1ULyJ%2B5rDU3XYK%2FuidfhdZI2d6DrKUTtdWITDfp9Cc3i79ArzBOEe8IWqbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26ea6409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrCkgW4YfaIIDuzJeu37w8NUebMBYPxO8j0s%2FP2EJJ6H1TNXejPwV5t1KJW2jOLkEZJ%2BJhgsWba0vtKaFOrU1L49cIyhTp0oxuti%2BkcfmMUv%2FkgbeWcXLYmjEeyy7X0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26eaa409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZej0ud4Ont2ClGBBoKjjfVSqc2bg4KzAkNgAT%2FUrVC%2Fq18pmSPJntNIWyLW10EL0%2FJyQpK4mcPICvQIzwiYvZW2Gu7oxIu%2FjhD722VEg1KE%2FcJReZQSS72RzIYN9Qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26eab409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gR3DRCZ5%2Fu3Pgm1ZjpgceIRHUvzF9PZyOVW7sA%2BdF85UaEhXeiiQGhxMEtb16f8tHpCtBT8ybS9hQ9P7thuv4P6DdD4jJ18Lka4aXCTj3BDDaZGggXao6nKTOXcoE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26ead409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tkk5jX4U6CNJqmXpdCL9qoK4iqllum5Awso3lZ4fUc0y4Dw19exGLUFXLpxOg1k4EZGVyTqpXpac7A6YFU386ad7CrmcvVBJIXUPe3H%2FwwKDOWVkerGgQjQrO%2B5TNSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26eae409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jJx%2B3z2vnn9tlQiyX1Kg4Gw7Y%2BSC8siM1S%2B2rFsQ1DY8zRy2LuoJErttZVLM4rLe681pWxAh7mX1RdCq1BNQcnJtFwrOBuO4OJ2LPmYWEbZZX%2FJtGDmANNzJ6fTPZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26eaf409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 11E4 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXXZftmnKHtEpUoF%2F2taYiUT0NntYUx0addy7O%2FeSq2kv70yf2Bba%2F1TWfT3ayLVHA07xCPksbpe4SRY7rzEftT70aQmqV3Z53hN8Kr0X1d8n%2BvRBs61YUg5PRBJblA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab26eb0409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 11E4 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:44 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 11E4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAygjJdNUZqcpguLRR0tpP8ctbdIWrCPqyIZ29QLDOH2zjWRiye3MG0aXKwHaAlVb9ARCqURO46%2BxAk2KS45aS4PRPeKw9vr7sSYSqZ2yytziCwCBkVXW3c0Lv98sWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab24e21409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 11E4 		48 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IESyJDuCXukg9DBDmirZgHDIypuDHGEmSwdEZ%2FUnvoJ06kw6GTiU7lAZCrS%2FI2fWpcr9MBTM1zPdArRMjUMYReX1hB4eeZwBRO90nQ9iUOe8rOjIl%2F7NR6ujr580ydQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab24e30409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 11E4 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xn2u9hZQyGZkzHdWTfPHnlTuI4MF65pQsHO3bdM3hBtY4azCwqAhRM69mCM8yRxTxJqVYZqV%2BFf7Dkx1tetAaZM67OwG6dirINqy699CurBHjEEOv1G1EmsoxZivHo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab26e85409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 11E4 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BN3lQg%2FOD6Bk4EbYonMse5XHGUpumo7tQOGB1zJM3fIqLQ0UCa0s2ESE1qpNVVxpXXy1Vewei4mcjHDqbC0hqBxzviUHMn5M70eKHeEymE5fSPcDWxazX1XiKBcNCw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab26e94409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 11E4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pogVFMu0aqDWqxK3O%2BSx0VwX3Ok2iWhD4W5JEsV9F8wJxgp0%2FYU06wHKRmHAZAP8duKGD4PcthzTeG2NKj4qjP1IqPtgItd4WgM1ez8NTP1jqM1NCg0DodqVSDymcXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab26e97409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 11E4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2TTXFwMwbKJsFgy2%2BJr1BIfEuVrxzoLJ8LM58wftDe4Gaxyr4fMBY%2FLdAUP%2FBYLGrBiEXmd4WO03SDB1U8khm05rP6X61JYI9Ockefeg9%2FA7bqHF%2FRaZl9bt%2Fpzvs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab26e99409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 11E4 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgB68TkR8pZqC77dy9ntfKuLUNR06fo9t4xqKaOO91RJfLX%2FLg5%2Bk7XI6fkvf%2Frb8n8TaM4yclY%2F%2BQBfOLqHGr%2Fr9WD2XP6%2FmnYg%2FtWEu5hwsR0vyWMDfbP%2BifD6TR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab26eb2409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvB0hLRoh380fC0%2B%2Bd20WuJcPxnut6di9OC6CvAXp2KbkgbYMJe6Z1hr2CaixqIMECzwbn2Ja2pPMNfiuNqISYaFlry8DWCsMp7VV00UcZMWl7DGG0FFAL0CY8awM1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e65409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX8zA4SNy0kA9QrLznmUT26ywnlAmIfc2OkvUfy7E6kT4qpglTxa2vymYNpvs3QXgB1rLPdEQeQiEoyIXK9TUWfi0poNzteR1t1vqjKf0gNXWSOLgbFgIHkdMRTGQ%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e68409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrFNlPTzrOgqi46NH6%2BG0TNupw%2B0c6YureTm0Z0TYudorzRTg8XDNt41OBPEHheTPrGcG4Fnk6uKDIwruvlBkXEgy4SGB1cmSLE4zkCZ9OP%2BQPbAYywzXvXCwPLOk7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e69409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B95hB0RsS6ZTRSo9JYDzvyDMrHddovvShlVIGK7ybHB87ATAehYyoztmEoxyhNIF0Bwnc7Df%2Fc%2FHJQLzXF8RiLg520Nou2jPxT1fe%2BQ4bHX3Lfu52Zv%2BbKDTotd%2BsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e6a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URh1QLFmA44ccrGlFqROpSRcN0ByxwW%2BsQMSQrPEEUg7GOZSHe7VJxANOlSSwVKjsqYxhMDCKEbc%2Bytz%2FK%2BOwr3pWKLBlO08wRYb67n1PsvtkK2XajtD9PeNUxIUOLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e6e409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C4DC 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xvlq8W3dlXTo59zQqerfBs%2BNeeW%2BQ5muDtWtvVBZO%2BqEhtjTUIePlT77%2F%2BrmV6lVPR82ZRpHVHYqyU7kEHMeJU2wOKOL1EasDvsKNwNOoi9hOLigrZ1QiGPx2Bwpaas%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab25e72409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C4DC 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:44 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame C4DC 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfYFYTDjNjtPQLasqolCCp6LQSkP8OcHbbZ5r7%2BbqKeSIEwmv3eSWelwtTstQYvv%2FqVhAxe8YSI04tVcW%2FsG2VoGw0XRhwGaxj4UkCpVpp73DOU5Et5D2lauXBKCyVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed39409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame C4DC 		48 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N673Hpvfe8tt7IteCsfB5xn8ahnRv%2F3eh0nLi4kVkbIEbEJHfE%2BsTHFk7XmWnUDAlnavJfuHvWoxqK0P%2BzTJJ0Jz5ePEWoJ%2BnzRQbTsHeS0dRBqpfML4cywFmYPkMYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1fd5f409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame C4DC 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FED%2BxHWhwpCgeZXKr2QaMLU%2Bf%2F99hgXijtfJsNPlvHdWySunnVk2jsQvU1F53hETBDsWaSJXWInei9csTQ%2F3pDgblJWQ4enVH5mWvZC1iatPH10jjr0Cw6Xl7WYYU6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab24e2b409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame C4DC 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2D7lNqS%2BvV9zf%2BCZbXRhGsSokPo1rJLaYbRvjgidm9NHrlT%2FNkWW842qKzNrU8TXe6OuneZOPSrsTK4Q7bam2H4qL2b5nOng2djl7BHwS%2Fa1YhMGoqMmRT0vfkNot10%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab25e46409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame C4DC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUYMV%2FP4px3z%2FlEfFmisHr7LK02fadyS0iUbUwIbcl7meMLqbpJSN3TTqtyOl%2FkuLrmhign4IinTZff%2Fad8qGkkzhjtAn5wlcINwtNIJiWQCKVl7bayr0kHsTsiuiHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab25e4d409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame C4DC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptT8v9V2%2F0e147g5Y3PCF7AVmmfu%2B5OEuBQqIYM4AnvyuPSbMK9f0BxK3cZgHmZbve%2ByavZ0YiLSMsQwCEn53hPtZqeJSaZ2%2BNamn%2F4a3DFdhnGc%2BLbe0h8C4DUMVKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab25e50409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 9940 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJe%2F4bI9PXC7zBBNUpjCGPp6Ze%2BGGczwIZ5K60qGX7BoCJQyVIh96p82TEhaSsmdJsh6QqLhNRaHWZDUDCob%2BgGXKXuBOfnFTh6QtwjhKsPmuQcWrTyDZy8ERpOPFzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab17c18409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 9940 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWiIkYXzuHYjxfgP%2Fkz%2FigsDbZ1zBiDAhbwh1I640BYbuL8Opsrf8D7O7TBfaDh7feZ5s4r7gB5fG1B64borR8UzW0tylJwMvmwH0lbvw4T3MJy%2BavTmV10pycDQTQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab17c1a409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 9940 		600 B
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBMdFlruh26EEJ3s0o0ZZzj273lxpvLwWuz5lvBqrMHtMF6CkswaP0wleUNrUg1Cf%2BgoPfWmvU208tU3VpruZPdofdFMTb2a%2B3ylK2ZaCD1DaOuoE6lhr0wpV5sGMa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c20409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 9940 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXjiaGF52vhgFr1oygxkn1AlM2eyGAgnNzsAVFtedOkYQOGIq7fvTH6eaNFnKuDiLMVelON%2FBeP76l6SqF%2BqsB%2FtlfS%2FmA2GpFLdY6bPBG1Y7fNejWPH0tNlF64EY7U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c22409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 9940 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BzSCOREtPI8gKNGCVZujsa%2BfCAML%2B1RBi1msEKtEhBoRmlDCRiPeYf9Rq5TdbyeJJn8C%2Fxo3JWVqjv35rfkUB4Ja57iVAJXqAvc0p0joLNK2EN0jq4fmoGRsIzZVtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c25409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame 9940 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 04:51:29 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 9940 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSUv6QoIFNFyl0HfrKRA1XFnbTzyqo4vfxAdh%2FLl%2FM4fYlry5l8pHfKlrTLhBVgadlwf1mvW9cnae8XTp4fKsoYTXTg1fWaqaz%2B8TdOZqsd3zG1ws0%2B623Zvw3qfJJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c27409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 9940 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7bNizeqcQ%2FwCgTMnkbgT9RRepUBXcaOH94ekCo7C5AON5fEydThVUzxKFKmJ8fOcDb271YeDM%2B6yNwMaVqyI%2F3NuQNTS8cSfuCWQ2%2BM6meGF9JQy0HSoQ%2FfCMOVSuo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c28409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 9940 		692 B
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0Ytbcqt2D2SHZrXZomZIyHrwF9VLcDv%2F52hEMAB6LUtyMNFUk9dM3UfB4dTxboDbdqSnC7SlTTQq57kdKVP80gk8uQggmSOl1cvhCISVYKBiYYkzcguv1%2Bem9oWWAU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c29409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 9940 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJTFN7d%2FTCD412bVvYq5s6bMicMMn9HYVZDVF7XDErwARa%2BeeTjdL8dyzScqE1c26nU4BP7CQ0N8iUHo9hEKhRIdqVCriknYnOaMPaRE0zDkdTAQ2DAHuzCh9s0V%2BoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c2b409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 9940 		18 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuWtsEjuOutaEV09GAQKZZ8MEhSADiqUioAkNFC0ztIIMQZaFBxzsQQ07wX8uxieVmpZLrWl1qsOsi2p9nSrEIsFTrvEA6j631j64gCKm60k%2Bzpi%2BzyRuaVkMLj4PAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab18c2e409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 9940 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BT7IrAIe2K9z4bt%2BBsl1jZDnzF1po32VbJuHwO3C6ILOOn1uDZpZS5AF1zRkl3TjDkYpB7Q0ghjdTZTCccWsUVIWiPw8VJzxmucaYVjsuwjAFkQBwomxSRv5msDpPoMJM4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab29afdfaea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YWh9g5IQspooSjCvFfJ8UwRiXu825kucPS3Gkk53Nmear%2B1bgGgbbzy697hVyfF1MFaXzdhuUQG%2BYWaNIN8JgYTN%2FDaJ2rQFgt22Cgh6bfxMA8zgGk%2FowBVnTHe3%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f10409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igLpBeBEt2h%2BOUthGc%2BvgjZnmYIAl%2BXF7kavfBsb%2Bmzi%2Fm7y4kEoSIcNVZaALgufCXSxgU9VtP0yi7aKH8znax5vRHyu%2FRgp%2BtBECGJvyoWOz5V3iZCLOkc9zPdEqvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f14409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeFv%2BlE%2FbmQAGo5wMUihrRXSRB0yEgNULZ5nd9BpKKVhAS8i86wR3Vrw1GcPVZiK4gvXPW6K7U54sX1stnvLFx9jp8WBue7xKXAJoDojzDaP%2B3G7aWYW1jUHt6Qovvo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f18409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPXc7dlPXPuxfAWzuxl%2Fl%2FLMvyLQ%2B8r4nTGdQ29%2BAEdgqBwjGq44GfKrJqXpb0XlP%2FGrpD%2F5SY%2BRA8jJflyG5IQBoQQ9DmEKCT0Rk2t4gnEorLwvGL%2F0Bh9%2B7RSojEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f19409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft94rrHWUzI9f86eQDqLWGA4JzSDXYIM7SMG9KkO6xJ35DSectGucaA%2FuY30lLggaQ7l0ryCQDciC5aiknaXqHbz9QH6u9Im2BIpvjKmRyRdCVO4NtGySXygA%2BSgebc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f1a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F3n%2Bfv2W9JuYSxltVNQ2akSY1jD3R%2FUet%2B%2FgQlOtuwW6nE4JV1t6IvtDQjYYUO2yaYMdJs8SbHcLSLB9HbIMxPxqf1yboTAsmD01wLl7nB1mQ4T38309l1Xt5MTOLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f1c409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKyWB5YJ1TP6ZRrRJKQKnh9I0MIUQ9fUI19byw56r6KbClcuoHHrEQ0faZFpdk4d%2FkScIB4ofa2Mdc6gmse4U3JAcFTynxVK98tM48crVHgkgKHEBVjAyA1COQZHoOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f21409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7hgyFPoI2c8ozk3XZ5VW%2BAUsFsgcScie2OJV06iBIvm7QGuzhy0vNKl7%2BxTRcC%2FR61QDPDSMtNvr%2B3YIoigCulVGSUHDjmAkzLULvUnoFoVG8%2F4htKb8OGJV9OydC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f23409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7IoXcv%2BSUYMmp2%2F7zLMKqtLSX1lnSnI75gVK0Advx6s9LMHWUTGCDDGrl%2FHEmjdGXKogkHA8fmU%2BOtsqL8bzxCXhQg3ExNYBaIER5SSj2Q%2BsQ35OErTS%2Bn5uyffZb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f26409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRl7uScj8UAhqzlxC2vl5i7LbZqAaGZ05HK9DhVhcF1vY6fm9o6q3fdB666ZX5DAwi1T4Zg3M%2FLnTikUri2o2T1vYOCYGEHdtjNrK%2FI3GC1TfVv%2Fbaq4f4j%2BYuSFzq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f27409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOIDdOMJAaysK1fNst6Tkpmw24f6Y22zqZoteHEqWJAdKiwZWMuatZwpJGwjS9MtcgPhh8s4gXt07DOajp%2Fdyl%2BSI4Wb25onbNTcDcUXRXXfzcAYcEYkUKJ8CTINt3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f2a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2dx4fIbWT4pHfd28SBTJ4RyxLE1KY%2Bn4eb2dPu7KG21J9I6k66wjVnVW2ERJymblatJ3ipwyalt7Ih%2FdzbK7nhRJIHPHRYGDDpQKkFZ3Mf8PpP3Py0ilqGq1UJpY5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f2c409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMt3yAhKX7PK0gpKuBv8ozQCVnJ8eFzMp3JWgyweNfTvSkldkIimS%2BgvRnQFdVaIp63IbYLOrRcN4%2Fb5oCV91TpD4JJQ4haDQNpCM37b4d5lA2n86e5Ix3Qlcu6xPCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f2f409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9940 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIEh7zJC6mmybSULR2Dr%2F7MaakxWj9gUX0Vu1Qo%2FnbEVKvozfEAr6UXyBQEcOMkoMHOOVpJ6Mv3IQu7FUJ7bJdaQhqwwWXwG3lOuNEZqv69dOLJGuBYivBhvMfNThFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab29f32409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9940 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
07f76a04a2ebe72a0e7c355ce7e4e7616b62258dc78885d74c6fe903b6f89304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51518
x-xss-protection
0
server
cafe
etag
14460401683887319037
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:44 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 9940 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fqw8EOkisV3UgQ720yJNmubHfD0kmXGNCCalcm6D7gDSjZn5bWfSBMhmqUVMuhJrapotTZOC6PDDMyTp4uuPgMvUshZHfwlwUMqR7FDptLRn8Rs2A4X7LTn1FU3vK1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab26e8e409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 9940 		48 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fASVH%2Frb2sM0EV7AD0VCJucHjBir%2FxGHDig8SpqJJefRQt2p6Ie9nADAVb%2FgIZcJKk795DJWGLulWdnNKUmOIgTgojD0YuWFd3z1xKlIbYEFl%2FarxQ%2FF61bW02LVPQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab26eb6409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 9940 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xESoG%2FDdYj69zrNLABDijhpnxI96QxQRZQ8wETt%2FJgOOob%2BJU6xGWkipRZqDncGIivK1Fk219S507kvx7ypW%2BbQsp%2BBHJyq%2BZQbZcblQYzZOHo397cTkeBfaqnoCvHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab28edf409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 9940 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QhtcnYc6b7jhITs4Xc8MfHcLMZM%2BhG6IxydQsBVG%2FaaZkC81WnrHa8bzmYwcwse5RgQvAsmskLbOKir1w5QKo6f3zOrEdNj6uwwgNfsG68GEBR1Wzfg93VAI0V9%2FPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab29ef3409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 9940 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqISqmwxD27i2hbI6BFRvD%2BHZDfkwSn6YhW47ZW52cg2ldAKRUuW3MaOIhol05qXu2kgTWe68vc9i%2BSATzNHn6TFDfeJCyz4oeVj4vxIJJrBqwNs5aPiPq42JV%2B23p4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab29ef5409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 9940 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BwPYsX4%2BWGui88t5Py416VTVzj9Qk6kAU4%2BKf0r3LcGIYmjXLfN4Te%2BkY%2BNVRZrV16EqPvusnNPwbQbQgFVqaMwSomqx0xOJBFQoeNY3OQgk0JPU7KZ%2BuwpiYT6bAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab29ef8409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 9940 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6p2MwbCbmPvK6maQumVwPZkbEgE9W2T9MJ8EoKgPApZLf8USXDbEkKomrwcigtNied%2BDCuBieN7cjlsx0T9MJcAb9B8NURO0gl11kvq%2FlGsTve6qNtMPGJF%2B7zUJjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2af44409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 7893 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kW5CHWUeVSVEFotR6gUBYXZtB7kROCfztJ5WVEbhhMuwA%2BcH94zpdGKsux9hTyaoZJ%2FO%2BFIS5yG5id6dJMcqHAX6pgJ9T5nyq4hwZzMQjzI3zzOUjg32eyvaIamWqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c31409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 7893 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLtGwuI2QIbU5se02bnXuIurqWO7ydJZE%2FN2wuvFPQSFax7Fj0CLQyUcrNPTVTfxE%2BJ7PUnP4O%2Fqwi0VHu1Zx1q78pm1vL5H809ehx%2BoTM4IJ1ofJLhWUgeknh1rNQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c33409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 7893 		600 B
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z96lx3GAlSKI83GCZTbRkV%2BMS6YBJt2mikwHQFKoRMVSF1HImuUvS5SZINHVkgy4Ey7HbNk%2BaFThchAsL5cNPgJPaNh1SJeA7hbVKmSJ%2Bj%2BaI%2FwQ8PRVF8Dkx45ekU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c35409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 7893 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrBToH%2BjFZbU%2FJVfzM5CL9VzA3XsraXu8hrpjCiW9YWMabYE309vErjvCYkxnPe8l%2FADR%2Fl3fngGQaxYRJq824zPbJGejjPj9WvGCWWmh8wAurhEQFAWP5717TygCjo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c37409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 7893 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSeGdeeKzqa%2BdBXWybZau7UOjJp75p4EkjPqhIVkdV9q2V5tv7Y49AJu%2F0U%2FRh04wLqs2rF1RJcfdANbFnCYBXjEpurkadlKR2xyagIvpDFogBXcwfvhVUQiateBS2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab18c38409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame 7893 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:45:07 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 7893 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8e9Bbx%2BRfVq2EKjWPDFlrrDCkSFEMU62JuBNSUij0SCbMLqltnM2Uv9%2BCoBiBqAVC7dik30a6CbarATaIzj%2B9WMnDUd486MMA5ulxgNf0svCzLwzkruDrlsPCG4UfM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c3a409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 7893 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKgQ3HyuoqfeYpHw9GnDhx8wIwoE1h1lw%2Fbhv524HE2ocFrfZgwsaeeNHidGPNqTVsSzhFKL0N0w%2BBhdaXdLHPu8sEDZcts07519ChpbL3hqrejpuWjw3XDDaMx4Vfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c3b409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 7893 		692 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GncJJUFO%2F%2FbiFbiqIv5LY60b%2FuXyc2ng8stgh4x3tNgn8wBKZuHpLXdLJe5iANrT0utqWm%2BJRP%2FShj5c9WUrBTSg0%2BzTgS79PSTxZdxlycTdndUpd6X%2Fdd3JkUvY9Ho%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c3c409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 7893 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2punoISoRUNgpACpM0%2FNuYVj6%2FCVVpgyr2HHGXrw%2BZOYFwn%2FgHS9sb3lYYbd1NW744ASU8WxPI5%2BFZeftM2iBIM9K0xbO2Lgl2dBAz4z7Li0AJSMxhQ%2B%2B4ry9kQqIaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab18c3d409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 7893 		18 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gew6zE2w18UUyso3iclKbpkttcIl6h3rU0BXoou51il0R3U%2BNW875AARMyQ7jNkc8wqAAR%2FtmVuvHEYqIK22T%2BdPChWwxTC80txm7Bx50ZLlpdkvzePjOrJTACD80gE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab18c40409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 7893 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLsYmkl%2BuWs%2FcgEOiManQsHNaj4q%2B1bQHAPQYlGXzeGdf7gCkt1jTbVO1tS1b0Mt9FucuKpCZ9QLPgA9L%2FPqt91m%2BvLETrUUlpRrLIjG5FqI%2F%2F5CjyX6eN1ititLLoe6h0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab2db23faea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FzVoh5U3FB%2BZvnRGjqSSrcubxfWV2BaAbFGozseMWAW4FVOyFnaj9bpWPPSH6ifZoWyd2PswtE4A15a57Txau2UV0Jra9sutWyy07pVZDSE4JQAjGPe6CpQX0Dl1fA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab2f804409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIomcfrOZYbW7tMM7zVbcBIwAlfneIAFzVogvaKC4Zx59toKK8UltA2WnaQBM%2B7eY9dZXuZ%2FI5j9MXggPuL08X6uxIzOCswk0iC1n4YKneg5myOgsF2FlI4yFWxvNkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab2f807409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hF6ysjRNrez6ehufktIUy5aw2XZ%2B34eRHmjPmRzHlaD8sTXM6As%2FcRS%2BO5FvlDZyuDGI7juzeCc5zK9Mgs8usJZHOGRqjyX1SAHmX9ZyzTZgWDLqJsOGK0lixKaaPK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab2f805409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491783
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKg%2FX8diQy70x6lqjnv9oiUYfJ%2FKJbX19weHRgxTYFOUs8arDHDLeZLrpvg0YrLjbcYE61HHiJoy7PU55Hzwa%2BcCRGELb0djLlNEIMHa5TQnxSiWUlHtp4ZXf5Yn9Rs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab2f808409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUGBeEHfAcq6xq5cMsrJ3NkazdyS6tqQvGdOP6vb2wU04whypWpG8Df3yHow6BA6FfRChpMKqidRvxMAvSotL%2B4P1gtYw2YM90dDQjG06tK1yNmyavH%2Feh%2BEqxfFsB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab30820409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1Qa2oCwYxsKNXKlVKy8JjOkpTAwnvxfNWKh2%2BBf7A1IQ4PR9lSFDvQtEqmnmFePdNhHXfat4%2BYYl2fNsnEUF%2BlY7dw7Sox8CQHbIfcjyH2S35PdgT0RI%2FmZ1J4fhnw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab30825409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEbyBuhdl%2BCw1KtBDMjI3lSqFpUueFRpaXgu3Z%2BTzEOumo2Aqf1rhLL0GmrZzUMNawFK1PQZ2u%2B8k%2BP64u7gsU7DaeQZh%2FSTYZqi51%2F2NwzZE%2F0vhfQW1Ht0xqt63Jw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab30824409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkslzTaITPTymv3sHSEUHDhjVpW5DKXOHr7%2BO2J41%2F8bmpFE4zhIDI62e4%2BqP0SQ7HfwoFtcsalHxGIVnKZPysWQqSUHlqJ5Vixqc1f3yGpB4Jpkb%2BgRHAFxz5GYkzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab30823409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCg5dWlYyR%2BcA8NpaBXov%2BwBFDeaY6n%2BNYrdy%2Fs%2FD9atwb%2FwcgdNdYqeQI620AHChwWqfkiX2RCGcpkebSzJuP3CTvKrHOeE6WLHaYG%2F%2FHz8H8sGw64ReCy%2BPz16CmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab30828409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNbedRTkey62mWg5CEItJNz6zCh5LePnrUoBGSwwCn9VDAteMWEwX2%2B5hn5%2BXZYcjTgK4M3BNhezZbgpQkBI3b3QbI4407K6shkqorEVqAgPQHS5rmd7KQ5xWpCvhig%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3082a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi9sS%2BFSoQh2a4ELhMuV6lIz833DeFG5L0Aq%2FO74ksAWbYZ04TncbmgGVUTyvu0Hd9YXeCCNMlpIp6MpSi0R%2FgwxDfz9pnCwDi6w4YTxxQadSpfQbTzjwuTVYoefMz8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3082b409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJKsLUgArLdKPwo3BmL6sdIoJ%2FORcKrN4dCarS23h1spS4O5azJtlvMiTQy3y0KkcHDLfOCnMjdIaAu662V%2FxzmdcegmDv73IKypmNkXOkv3QUGJxjIaGlPLenW4XJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab30832409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FipQDbUrO8ScagBSHioSXxF5kfuZXHo9ZwIyfl35LUzW0%2BFofgAjG8zn%2FyE9Jmc2uBuZ%2BCVMDfYdORv5aAbq5eIQ7HPeJKqdqX5Dcilgn6Ykevtv%2FltiOEaBcBPCRYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3082f409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7893 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEmsN5uVaptWTPZ1755mcspIIO%2B8xHSE55vhf4E3U1jTJEe0s4AnQZvArOw9p7wK%2BrZH0uH5Z0up9GF5X4igNl3q2QgUnV%2BJyRq5JmYH5uezTwsXUjwleMTb5E6qU7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3082d409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7893 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:44 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 7893 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXL7EKSs8M9tD0w2jJlEJJnKifbtJoXTgwrha5DEZEgxUYujMhYKSzXkubVcdlEDKo1jWuzHv1zWhn%2FZZb5OQCGVFT2Ug6S8FrkCNaWEFQeAfx3FTu4TlPTW20R7CV4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab27ec1409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 7893 		48 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aN%2FSJV%2BF9NaTZZ1ZAvUFnJEI963T1%2FCbQnWCsMjkGC59snLzzjk3YKxWaDvSdSOiIIvPNA0MCCJ88pjOSiVbi9uZvx%2BLB2%2BVWzw%2BldYXTMW79H3dUkbQxOe8KzWAkaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2af3f409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 7893 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQy%2FdkhIJ6U02%2FDgmXwZY8tk8NqOMAyhcIlJSLiAZYIIvH%2FIB1ywmgD7b%2BcYANheI5JeGUemAP9aXlZAfq0txO6EabW3s0ZoQScrCv1jyqot0jRtArN214Qi3NT4c08%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2dfab409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 7893 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIrK2a8%2FfAGqwS2E29AYwN7buf2SgTquck36kSulcgIZRFMnRLd4SX7QJLO4M2SJeHp1unolz%2BNe2FRuwsDHnRVEHraCqQJPgHHuyxjF%2FRWih1vCIB9YpchYuNiubMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2f801409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 7893 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdSkWk2NSQYdnVDF5uT86HYE5LNxDdBhU0uUCA0uBAtyzczIevi9ceu8AOFiL2KEkBQeIiSnnd%2BuaqxpBaobhAqXNTZlvBiVJMHhGuV1%2Bwo1uMlGk82XuNUxq2WA3Yw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2f800409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 7893 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHAhiQRBmMUh8wO5rYCYjMcBOBt42BVlVh6%2Bz7%2BcowNL5MBkRhG%2ByeKs3HvXSqkPzr1mxQTuwAbmYlREwdndR3luydo6vt2IsXTSfw0CfpmelyOJcxex21Dzha4ri0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2fffe409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 7893 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116043
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A2UBXVYuAXR396UCTk61iRoX80j5pqOfzdNwuh0IiM8ciPaKO9jspCj2KgKA1wb%2F2Gl%2B8mpbiigt27GtWQ%2FSOzOIYWwJUYxdGTx2r5X9qpd%2B710k92oR6%2Bs1cddSOw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3082e409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 9C7C 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCt8rgGc%2B62EnYOnDTczkcTkodwGwk7LN44%2FWAmYI5xRONVhRdKKwZ5Zg%2BfktgCvJb6qFrnAhd73steCP9pSIqcConaSTjzvmqX7XcO6lRNKQz3%2BU9KquzEZAt64X4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ac84409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 9C7C 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=so%2B3bj35Zhoylcd2cIQ%2BpOJTdDKFXSRd57ykrdg2ppkAJyu%2Bqwf1Ok3aEf0KUEBSLyKl7LWfVCEyPy5U44tpclygCtIKbyMFhBr0MIingWpClc3%2BO5UB5x0hwMODRMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ac94409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 9C7C 		600 B
826 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTybUjv7%2F7NGN4NygRFbYW0dLeYcSpNIFADDVDnreKx9WziVtsft1pyabOclqHRvXzlLEr7aw5r1461feq1QhbG6obkhP3kMUWUeWX5H7%2FbPQjuzHAY0GO2LPRoT344%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ac96409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 9C7C 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipxv9qyUL9eqOqq5ezc%2Bvw%2FKKu3hMnHAn1YrC%2B4AwWdZdP3Duo8MskGpdQlbjf0QDZ%2FdM034SsX5sqavdcIu0iAPyYjuGloAgTJfpvJWAUizuOVOAi9J7L6V6izyXX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ac98409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 9C7C 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELZyTWETpq6LORIpCy3rK8aW7fsgeDf8w5ry5GgBbOKD6Fj8Gl2pGXX3gQYz3Q6vw0XgUgenPwHUEAxnkxM17FccP1SlAxNARTXs0z4RTs%2B95iSWOifvtMagirjdbUo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ac9a409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame 9C7C 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:53:03 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 9C7C 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8gMyds7O5AjMRuNSDi1ka2HtIVvodDjEfdTp8tHLffFvMFmoDTCqV4ROTuzCTEfXJEV2j9QkzyvHrxkXystP9nUp6v6MUkLiKaKWXaMBBJftbZSBsUacl%2B90cWGBSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ac9b409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 9C7C 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZXF1JA27jX4oLl8TPD%2Bd6CqzAxJtSruNW39RoQkR7FUz%2FUnEhD5Hq2BnOOMIr13xUbDBkWDE0LeEdhFIoyGd56mgZKpg3MNzTyorAHcXTjoJPQdOCDgxGUXCrvQ4jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ac9c409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 9C7C 		692 B
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2WTGe2Vn%2F6Xkgk1ywXDr0MeBsKcB5oMidqIer%2F36Jjkunh3vEof4n6cjcv2jHga%2Fd7%2FwBZsOWAnH9SgH9qeLyyxI3ZVEykGNRN2QxgYIOVWXkX1u4tlk4pRhBy5yg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ac9d409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 9C7C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E64n0vbC5hr9uyqvNyZcNmtmX4Y%2FkpPmDx%2BYMjzUiQfX20qG7sx4SioPxyup9H62nMyYvMntNeb6w6T4LSgV0I%2FeZJGwAopVa8OD7ymS9CVLZ%2F%2BYT5fhAuh0htQFN9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ac9e409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 9C7C 		18 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1t3LIFHQNPr0SbQucIWFWu95gXZxxagcn3DpG6y1zwtAEhzUa3kSAjURM38Kv2G5P4%2BTA0NpifptDN8OilUO2JHiin443Ov3n7Nw0vz3ujm7mb9rztbMTw7MRBy2uiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab1aca1409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 9C7C 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG3FfAM18GnzPp3F4ObLGyDRRfyso4%2Fb7Yph8hdiRZXmr2rB9NIsdx9IxySrpaFniXMq0cBThIe3sE5riTyskBpuURczqG6ZuBjIBiieldkzadqeXJ2%2FFVGYsZxmwRoGKIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab33b6bfaea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo4elSzyUjmHDt5PhPmLFHeeMPIY832Cdm8uAH%2BLzMahOp6p%2BnqEpt0IQGSP%2FFV3QvUFitZMKImLC%2BOrCrok5yBhtxgsi1bhFg4Xa1AkcX5ChXxEvypzUYv8REUmdfc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab328ea409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vosEjMejaZxxlp7o0d1OFWKGQbZTxx41yOI2h9keDqtJey9AK81e56UlvTnPnhJPDMtkwnPuMz0qqgUApk6nH7Fg8mPNEBJ%2FuecYI9whh9HC8etAI%2FTTtGp8xTMiYk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab328ee409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCAr8qi%2Bx8ygsOAmKKKGBqQaoXCV%2BwYYX8WLdswelKao8pTYl52T%2FaBqkq2DqHoq4ThOH0oLnNjTmh%2FAhowSvTanE%2FTT0FjZFE3zym0%2BNPoh5sDuMFtdVp7U4QhZ4V0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab328ef409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491784
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLWcm3Qy8otXsBQoYyT2zuqvC78mAyfoaZQN8tSPE%2FxowzT0W19evzTE8XS1vNw%2B8gHbWxYGJJklvIQ9JFgqCMDamzKNh2XHHkrYQFA4ID2VpYjavsEiDcQuTqzS3LI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab328f2409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTNqNo%2ByZLEnGP5UmVoxsqijL%2BAOOIbak6c8yPZItNofJETOAqK%2BMAcoD4R9mFFAtPQ7x48YN8UD1VFAoVudSKvqGt6XnEXVEKhyQws4RiaLug5bpsTlXhTQXjEG2z0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab328f6409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46fhSMBHpAJQc7bHlaMv486TlRAMp4js77D%2BDNbxDjwx2Yj59DxCfwjr5zUzUPQUnPXqV%2FAvf2JcunPPyXcpPyTPlObl1Pyg1aj2aY5oq8bdlnT6HP7hjDlWP%2BXbP1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab328f9409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMd7eaY75HXlQPFdySLMC7dTFmKtRboJJ8lraaznN%2B5yhpx4WMgNzRHcVNrJMVuv9FgwREsrHR76hHem4KriELJ9%2BqLtWxkXHhKhKx0Z%2B5JQ32HN%2BOCG5wLg6Jl%2BqZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab328fe409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sav3iu5MrhZkuu7dU2yXPHx%2FWgupjfimBnBNjJ%2BlRbNOXI2q%2Fpv8%2BxgaZP%2FEsFNOMzopYEWxH3IsAeTxquNWUPCgNWdEdzLntQQW8awgGZ75V%2FoBRPtBkpss%2FanFm3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab32900409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWOA8NgFC2UT6MJj4A8cfPJlauLMG2y9PCdPmYwmDaijdiFebnM%2B9FtQZWA8H8C0p7IsWnsgEm8tCo5QAjCFj8tYr55HFRgMkcJh761vwaLKkBL6EAA%2FqezinvDnJRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab32901409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwYx%2FmkIKuIjsfY5%2B%2BCXjwnyBlr0cXbWR6Xc1tggMNu8bz4bWp48g6Grb43hYI8l%2BLl6nMB9PbTLdiOig1TbdOzN4E%2FUcLEf%2B9eLB6ELV6b%2BpOY%2FPV4yWitnTzxMwBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab32905409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNgoOZzXP61Z2vwIFKa3xh9G7z1ZLZEyxNnKkJD3jcAEKiEb%2FEzcxCZ1ExZHtSDGSe5ZWbl61Pm%2Fc3px5%2F7ibnwRZki4lmv4vMd2sHVYShgIgm0J6jm46zUHajVoyCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab32909409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKicrriYWduGiAl2VK59dif5uWHjTuZWoW5PbZAkz52zbS0j9NtNriwGfV3T8JcPo5YfQvGC6sSUoNq6XQhWmIzHAQ%2BvUBB6K2IDzRxvBH4m0crFZtRMaN3ZUyA4TXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3290b409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7ISZMEaAZyKCHegsuVrWbH2CZ%2BS0EM9EZX%2FgtGOGkqXGHn%2FcUYZBmq%2FdxMBBxJAX63o7iQ7JQ81q%2BxOF%2FShmj2pbhxZGW3113n6Uyizzlo2HhvtbSxuKBur4ndN%2ByA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab32910409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 9C7C 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVLJgL81%2FRMRg%2BPq2nHm573bpltSWudvFGXqAgTI1dwOIhmUkjowaoA1KSteDgwszYw7sOXq%2BmfVHlHlpjXxuB67vSmZxnahO%2BWQGFPeRheY5x5ao2MyQvjlZY1MrI8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab32913409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9C7C 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ea7fcfb5eefafcfc03481fa3e3c9d6df3d2e2d4cd46a3d0152a520d651274fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51345
x-xss-protection
0
server
cafe
etag
444716028960992634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 9C7C 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPlmrA5UJYMSTFYAHqWhZnMU4u02VGdMrcfCkinI4DseCKhTSNx5kgGczeoucJb4S%2BxG0RGOYPg9d2w%2FA%2F8MfQxDpPBK13OBc9oLx5Zdlyj7BvGETNRg6KuGrpyFUPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2af56409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 9C7C 		48 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvxALXFzJrJjESvx8hTJd98DGuyIjqQPlmjj08f%2B3IiYePgZq0OZhC0lxhBMmJ5mM%2BKReK5OA7TgW9it6YmzCb8g%2Be6nd24vffJtPG5qJLC9p59pKiTpv8pf7C0yGaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2dfae409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 9C7C 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3koMP78iCWEsnup6qDNJ1LjzzN7C6NrhFooYA81FARqJbkX4JnTnTGld2J2yV8yIh%2B77ErcrVa%2B0bw9xBEebkJ%2Bi4UsdddamOCL4jnziImpySNwR8EvSeJ1Ank5eOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328d7409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 9C7C 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kohyJ7dZHLNsVu%2FVIw8xPFCmVm6ZpGpYZDB6N%2FfK3M%2FpZCfx2zdserlPnOyp8%2FFJVhKSk9%2Bua7cQyvg91g8Zbt%2F9jQMJDRfAfzZcYExqsOypaawExVwezH5Xc8GEax8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328db409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 9C7C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G59nYLm%2Fl2PHRWrv0ZQjS%2BXQEamg%2Ft%2FU7rOp4ex4xa3WjbWdfeep0O1%2FqGJwS%2BD2oQiwff8dtIobg2n9ZEtGWQa0j02wOU1F0g%2FVsT2LuvOeLuN2nmOJuiR6bbuOOHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328df409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 9C7C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AtNBPi%2Fppy1QAe1KkDW9p61aJ7%2BPqZVI%2BV6WOYRExLafG4SOxHC92ZiAaz8%2FVsIFYS3%2BaKT6uys4FKFWsYcgTi8Pn9se8S8lG%2F0rvcGQS71BZoN5GUty1cgi9bSYpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328e7409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 9C7C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibIQVHZ9z71RVvUBZAmfD8Tv3VdqJvXeBphIvbAQcC670iHGnbrwGjYWnYKaHbMjCWMBv9iPVj4rwz856lGgS4eE506rNC0uBzlwsc9J5zDwgRfB%2F6S62OxyeolPgk0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab32914409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame BAB5 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWrpU7pgU1fBVaet1djN7XiVqapcjtafRrfhuT%2Fypmv1B5%2FQ%2FhFTocPPCcCdALU7wfZV8msMVxnGRU%2FT0okCk9IS2ssiFrTUcWIx4my5S%2BWpULmaVFhrSGiyvvqQ82M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1cce8409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame BAB5 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FUGGLfgZa1btKZBJD9KqOYGhU6qwp0qHedlx7cszkVhtO2xBBha1F%2BfjeVOS3hjYIpV5TYI5T%2BaPPKclWD8zStttOSIKfXC%2FsR5Auc9%2FYMkgUVGZaw5hC71GnVVf4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1dd01409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame BAB5 		600 B
828 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvZ8H6YgfUOPPgHVeE7j7VwJIn5VRK314wll70Qdh8L8UKPrDw1zjunD0JJNB4WLHCVZIRgNtNoob0DgEFFZY7QC5VZwFKZsI78tN9pHyOnd4NvPm0bMSN%2FeM5c%2F5oo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1dd03409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame BAB5 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAiSHXLIjnkTeT8CqV4MR1wKZ%2BaKEYo5rI41Nr7T64Z3Zk%2FXXUA6s%2Ft3ZKatN8hLl%2B1tfPiqykNxD6CKdADy3KTzLJftCfOVt80SbyOW1FDlXXT8rOZiAsUuh1rNGYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1dd05409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame BAB5 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfkefsHLVfYn9HkoxeOyFfTEDQyRclmahAdaa3JEvqTjzdndKXwA%2BnIlp5g1oGvUPzfO3XbCexoYWy0k2WQV7gJgxdFbjAE1j2wFKuBv3aT%2F8AD2q%2FDOX7S%2FRxMqf%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1dd06409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame BAB5 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:14:18 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame BAB5 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx%2FX3k2EpQDWGSx%2FY2mg5vphOdsOV%2FUyl%2FtsKB2IsaiusFAOM1T%2B6RkJi66v1E53G8n62cs5hPvxSTrMqAiAcMKsTQyM%2Bka%2FlIDymyFA2zFjVSOSlccRreMmnS6awvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1dd0a409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame BAB5 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqegXF1UZwRgE1KPn2h0slY%2BNPQg3jIPnXEEdy4rc51FTrvl%2B121X6b568HKVkXFn4f3pheshfpBI5HaeMugN2yT8F1K7pRfCo78E5jLSA7PgkTKLoueM5FJa%2FUgDSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1dd0d409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame BAB5 		692 B
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqAkmTH3W0%2BtYV%2FAmYo9zaCbidjlWsV1Qy2zbvNm5Hto80LDN3sQQFpLiT87KrHjhu2Wazn8buP1EnQEK7ITIxcwOUGgMvO6hkzzrgCasO0i8O0E%2FnlDdsyj57Zz7OM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1dd0f409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame BAB5 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhdXdB2dYlp8Oia2un%2FvncAxG%2Bs2FqBHEyHCvIL73xtRHdbDLdivNzkzOVEBa89c9XMhpT9%2Bb7dNFZrftTCvKzOtMJ6VD9NxeBJMCQfr1dNUch7uPGrS%2BCOiNCOiW5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1dd10409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame BAB5 		18 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FFsz5DRHKMVWrZliiIHr2DaVY83lBIddSfAF7JYIGPL8QxbnjTPKhvfsYMQqv3aDBD%2BBdCfGdmNlL4H3kkwXSVqmTDqPbiyKhbw5AUojXyNiD6VzN%2B9C0UtsAFazDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab1dd13409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame BAB5 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1E2Hgnf%2BKPTeW6C4iLBdaqQLMNFAc9qoPq8mUi0N25q4jRZbEJdcVjnXe4j8p%2BC9H7PTr5geXc7OUhfNeebZNJP2vbeCpQIyGr1XeyfK%2BvktZZiV7WzUiRZgvYn6AgqNDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab38ba0faea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSbSJ%2FZyfKIY3h88jKgfIYy5nfIUhPEvAzsys1AW2nC94io%2FPtpZB7afRuOe6rBwPn2e2SdbbfpgCpyWuBZSSSB8EcGzS1zYBedTqLnlARswEjkKP8fqiAMQkAsgzZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389bd409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YNQPgZ5mW3LF7LeCgFJyMmRJZ6n1TbNJdjzZLdJwxVmVPf6ASwQZEZIDE3MqJU4qgrqQoAddz1ZNxcXs2voBGRxLYhBFhIVRhX%2Fk1750jcnhcmbveBl1tYH0YUJ6sA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389c0409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D7YfSwxn0YLRb8qYQIu%2FbqoOwvlRt4TRojFe4iPoJv5n45NkEGD8aKRxHagDaHChiy6bvQBojfM30QvXlWcJqOxZ%2BPNsR%2F17si9mId2OhQYH8wAlYl6BVqOnrmTMU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389c2409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491784
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SIq6VwwjltpzpuyLnHCKNuqHomWPyQInE30wQTZL5%2BMKSRcsSF5mNvmGt44XcUF7iDMymGMTVi%2FygryD0jkvliWJ6Txqc5CYa7syH97MazxNtfAdRfRkebf0GzqAt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389c6409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdQggry1xP2BR1%2BvfmeTU4boSv8Wr9LW7uOLdUQY2smGMIWBmdZbzwIORYRyzEdoJyAWm8rpXOv1sYANMWkIU7FNfkGTqR3QcostuEZMZkWRWOoJQPbscGsRsZi9%2BMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389c9409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGYfOrKjias%2FCkJmq6rtLwgFIJWHRhByOya9Bw4G9gcXSkh%2BjUuWYQZjAUXMS0Zxee%2BAXtPp3z2sRadwCwO8F%2FydvDBen1SumS6%2FyDEfAmDgNxSndPInvjowJmvCFQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389cb409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0G1hixmb9I6Q5YF17uZAWCk%2Bc6CzTFQpMpEze8inq5n5aUJLpo2hngHC1IxMJB%2BcJ5hF39F9SiEkRnm741dV87rQHy33aVl07p8FFtTmE4mJtSZAQer8uJjVWbTqOGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389d0409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NmM3r0NBdi9P86ARHQ6EqbdwqopDP8rjtrLns20ZcF%2FnroIEqlyPfk0cEDVWiZup0uKDT4PBe%2FYdJ4vTpsbeub7qiMVk3GZeH64Bqrabsio1oseIqJbTlJ93aozVtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389d1409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qz9HT0YSx3cvhGT6fC2eZnylo4bPvr1ejiBCD4JOwh7XPY2RstyYwsmiKtyd82IkZT%2B2Ip4E5jGH94lZ9g%2FiVcV2RqJ4GtxvlkTPmhxrX9tbq5DWwA5QrCQzqGCqGfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389d3409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ4AJNMdlt0o%2FgwSGRBYrqOSSBeuavjgj5gyA5VpvvSNa2jvBgDip2AKs8E%2BxvlFtQfJu1V3Xhd8U7%2FR3u1cWh1diIKeLjsrAkQMed%2BEeWHwFR%2FykoY2BoTaVNkSfpk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389d7409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOwjhh1BulydECsTdPRO9eUg9BikkvvKH0t7bsQVuo5bJwAnQ3z3tvZ5KITRrAYrjNBHes7EdVCCnKf8pxkWGO%2BDnGBPplR76efDA2eRTIAoU56bPMl1pNIQGFVFIZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389dd409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKpX4XHkxLjtJVv93PguE0v%2Fh%2FbSVVt6LCIi2rQ1tCLTbnkmVYFFnDebVmPbW4Ve60MPwU18Fr7ck%2FqScmueOvjE9kcFtQwMz6RfHEVjiGD2czIuir3ShK1ig0DtefA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389e0409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEwVLvdQj2IEXcjRp0t2NpZGUeuLD7bOt4Z3uxpz84L5IN81B%2FbaEvbRndiHHjhnq4Z3H0gTF55xJFeAdfqSE%2FJkJjT3iNxch2Vo5oZ35Ty83nfMo0Zu29qPNtu4%2FbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389e5409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame BAB5 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNuzUbGCm%2FhHeR9DmbB7NEi6NUqtExmNVvuKOADFB6zVDrcoeRC0Lk0dfsg%2FK%2BtJi%2FYFQh8rWfFkVCHDnZ873J9%2BnK%2Fn1IwqF9bOZEM500D%2BpJUNJaiOetFqsxfTeuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab389ea409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BAB5 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
07f76a04a2ebe72a0e7c355ce7e4e7616b62258dc78885d74c6fe903b6f89304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51518
x-xss-protection
0
server
cafe
etag
14460401683887319037
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame BAB5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ydMvDRCcEww9fhBUhEiYxNolfuBCIUQvXaihVgiZLcuZyc620%2BxVs%2BlNeA77upV9q2cPB0F%2FY5l5bLj3lLFh5ULvaqfVnrlLvZE%2F%2FQ8JNTjnSGDVMVofBx9PNqOqUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2bf63409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame BAB5 		48 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y06q1NrInTKpE%2BU%2FK%2BlPE6BECrxQ%2Bc%2BETuigKmafIynqTofOkHMmAjXHzaenZw3DZl7ezXFa7Ql3UEcD2rHUkdwRgTBZyQm%2F7l%2B7uwQ6LfP%2FQDDfxQa6I3ZR2LjiKPY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2fffc409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame BAB5 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaeNxPebLKHTEj49TsHzRzHFCLcl0xcjmW%2FLmijXL57gGSWmEGKxB3tCaZVBGSCnZ%2Bvtr5WZoqhwN4wbOeDuHA%2BqYLppCRAgzovq6H2UG7g%2Fj1ZBEEVC4834OPv%2BRBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389ad409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame BAB5 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81GQlbkO6VqTcxYnpSZVd%2B0atXRTbmYxXGcdwoVozNU3BESt910f0%2BpY6sHdFGhESgSj3uLssIwQ%2FerNd%2FKX3vGhD%2FG49ia13rjYXYwOozAnXL%2FfDfNeIlXFwq2W6Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389b8409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame BAB5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzjsMHbM7gvehKam55XnKlAYuG4o0Zvz4TAIrNNh3LQ%2B48mDJVkEl1QuRBbZVNcciKqh9K2X5mQ1DN6mccBrBkyv1WE9oNLWkx44cNSvNajX6V62tn0DBkKqYP%2FIAqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389bb409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame BAB5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXmgvc1Q1M6Zwo5jI4IOIro9g%2Bp%2FMpbBpnQnBIZzga7dSyY5%2BGE2ZNmkVVyhpr32lVyGY%2BhYhFLBtvNCSaetnZK43UuSKr86oHXo8kww%2FzmVtpc0wZFqptrYrXi6urU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389bc409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame BAB5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uin2OZ09f72TGp7H9M9mKq0JvJ6y4cVEYqi%2F%2BQ1gnlXzaEbG%2FmrQWasjngTwBmPP7DzWUWs5l4d5lNTyZG08K7J32Iz46fPESQ2fgz7A%2BwzETRHicv%2FysZcklGKDP7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389f1409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame 7260 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T629HR7CtIJnU16oZZrH2BesfptgPPl5Yz7Oql%2FnSkmVyNrVciWMLDi%2FMqfv6Ab2fd9S0EtZt3EaYHWHRc7qNKIsehLtzzpmiIsPtl7t3ewwkf%2FmbaKyXG666Td8UX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1dd16409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame 7260 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjVRfEkikj28cg3%2BIkZtXZYuMObvPPqtdGVnDkLqiaylKVDT7n8Aq51sOc2VGuM%2FkHjnSkGcKw9%2FWtKN5SKbMiElKdOG2IwlIxZxgaaPsuJHX6aO0tZl40c5Qrv%2FkTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed3c409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame 7260 		600 B
831 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEBlgDTdgqyyPDcaYWqQajg%2B9VTfxB0wWmCkVueS%2Bj0QHkh4dHj%2F4lvpDaswY3lYbnvarmMul1xVh5k%2Bc%2B6ZQV6lyXS9ql9gVe7UHu9HiayqOFrT50gDxm2RlK8FIPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed3e409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame 7260 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkEEydprC8rhuIXNTOfrXxCgWpKefXT9tf0rjswvuvqjQerozHMcvACNqP%2FOCGH4%2F0QQH42bgy%2BgFvxHuw2CcNScWEy%2Ftrdw5HHihaik1zFJpHemjIuiMXfjHJGgGbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed42409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame 7260 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT0yFMlrrK2AGwEh2Y%2BiO80PQDT9ATSi8j4ewEO3oAqx0dRsZJHttqdpQ62MAISGDIWXz0x4ImS%2BgUGc74seVKfTHfZmWHPkHFqIcYLEQ0ZtXyZWr2KOV6Dd4m2gyMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed44409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame 7260 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:43:25 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame 7260 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Fs0kH1982ZWcCz1PgrhvLI4Y8LO1NfQ7KgmBmR24HqOV1IbZVhRgcd%2FaRv5ol51mWo91iQdsjYChL3DAIvsqdq4OpBtZDF5LRTHSprTo1N6LWq%2F3rUHBuvfHgqCPNc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed48409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame 7260 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FCfHmvSLR6ESMjT%2FSwywIe3pEzhGvovta2fnWYi0In5VlQt%2B%2FnN9XwvyyKs5%2FuPk9nZVOmD4mOw%2FMPZ8hKWfsU34KO428n6aI3wuCNip90WLUmd0obs0f9qrQO6UzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed49409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 7260 		692 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Bo0FrcWsbNLaV2stMDISYuxZbS5Tj15J01hj2OYd1JshXCdLUha9G8HTi4xgc68hzBANh1W%2BxEmwU0eSyhvY2yHmNcClLD4wr8xU%2F6MgIgb1RXmeci094uO9Ja0THE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed4b409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame 7260 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGQ38vSwTdHGtaK54GZCohMOcpYfmyCe88hTC6trve6t%2Bh%2B7g%2BYKkWFy9votYPp3xgi59daTb9mFWe4hpUImYJfOo6UR077mvjG%2F16map7uBOYGFlHZn%2FrgAVKZfTRg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed4d409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame 7260 		18 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rutprr%2FAPaoTPeM%2BQgw3Ss%2B8N1vLWIsd5yMJ%2B%2FsFJweR3lB%2BEFFKvB81c4eOD7YusM4BJo4YTdpEQt%2FKv1xc0%2BkqBzK9fcOKYa%2BjvtSLLUXHqWsfAhU6ZoySypnFFNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab1ed4e409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 7260 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1niHeeWyncaQi3AbhKQ2P73Q7nYCCgtysHaz22bBvzIy9DqX6kuePHUsZ4R5L4TyvVFd4y6faCY2f7nxdrV4IJ9jgKkyruB%2Fo2HM%2BR3I1%2B6gAvv6eyvpPYVRDSpaVB0DB0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab39baffaea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNJdgEkNL4QwLLx2X8GmURoWMi4Fgs9LLtEzx1psy41B5nK4kKPaPNoOpcCeuWs9SdxpzL7B6HEEdMZ5zX0BUNw0YmYso3aBaPZ3qHXnQA4xSGf9iCnyiw8PF3RR9MM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a00409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S56qrzdNfEr6nqKI5ywZyQheg2mBRstYm61qAASdNucvEZf0awNFtw02LLJStaUk%2BsZswHKh0WR4telkItfmcTb%2FfeR6HnyJHfUyH9YdgPFOh7YATeKDQSypS%2BBU5M8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a04409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY4A2MJUTeohN%2FVETrfJN409k1qCosnPsJK0URjqUdH1HbdzgyK1B%2FKgrYf7gCM3Zs77whiJP7%2BmB%2BI2gEG7Pn5WBFoMl1bbOH57VYRN0hFkGsaTtPDCYyvnq0m99GU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a09409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491784
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzgKZW36wqgKDwht04VSYFakM298r%2Fbuy7D97bogJPfXIjcfGkyDHlMnS01%2B%2BFYSF0QzcdOHf%2B6sMWiRrtCIyVjRjfc2zQ6M07hM7%2FkF7FPSjNcWoBE0QEjtkUQYKPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a0e409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzdplVqVb3RAOHbAHN2E1pqqvZFPW5RTSZEbx%2BUA7kJmETMRmVKX5n%2BoyJ%2Bz9Io7jARUpqarxvgaKhDgBTuGAXHTjiLFkfiwFE9gQsTveUmXvF3CXV8sZ8RK1fC8M3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a12409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csChli%2B7eMWrhaNq0OgPyHdlgcUu8ZuliIXEIQc5EysxPhP75Ktc6j3%2BtmEr6SZJFWuSLujallY0NwuynBHhaS9YHLIciYQ%2BrVIDHL9M%2FEligdGCiU1YE2nnuw80COU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a18409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SnUkpj%2F%2BSwfagbel0qLSCyjtApSo3t5FK5qQNdyZAJjJfAmKtuNt9P5YCGW%2BYJRChOR7D1x%2BJNo%2FTxW3Qdo24bLJj8TVNppp46UlHCvuKOp0aRl5OqeX6AEaA213IQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a1a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGltaGSH6igpZ4xLQPgpAg1Ail2g%2BLInVWYULiMGPS6MZSGZROF5e%2BCoy0O4TbO%2ByUIOzDgU7z%2BNOAkyqrieTv6hk%2BFnoGKzj718UQQQWTulvfxANtRqWaIyfND8CTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a1d409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqimDIpLIPBSUE5Mv%2FoNg4tUMS%2FOm9rt9RCt2W%2FiyT%2BH%2BlElDg%2B0xshBB3AZLekup1Cj2tSdTaO9dfW07WfstrWxcJ%2BiE9m6rLFsdP5VYpoQyPj7L%2Fo7V8Utn7u5%2FPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a20409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7c4r1SxVeSHO%2BRmlR7nYczArz5LrLLTHxNcbvy1e6UrEpyKVT4kZTvfcncgB3I%2BdZHHhuqquWcGPkfYUG19y0JmuQbtsj0TpdEpbMOkHnwdA3WZNbfkP1XxWcs02Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a24409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIejVmgkQXyZKzIkiTLxVE8Vjt%2BJT00eWwQfUe5hi37rvblyNPzzCuh8O9nLtnNJom950dqYaJYii6LanQqEv3o3WmdeSafgPAdtWtxeyD5yakQbvg0MW%2BNKdPOvLtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a26409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWAT%2Bsdotcx5zVpRfuVRCJJqJxTzPIPgoDUII4FQNGYWBNKgvxudHYzLpXU226%2BeUsC9ba93aL1MmQthKGU0vJChWLoPrT%2FrjAT%2B1RRKV8UqTBcxJxk%2B4wNrTXygq9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a2a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsWejCslDBANLLq7x5J0s9S2%2FA8F8vUmcc7dhucySuIHs3wjO4ReBr0BbjirAhyVBLBJL%2FecnrifPGvdn2V1JvE9IYyh1r704A1A0vZxl03MSayOAgE6kFapuwPnw34%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a2e409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame 7260 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOikvBZoqYGOIhnIlEWe5Tkz1RRISxC2EErxVd2B6XQ%2B%2FLLR9iI1SYKR8%2BEKD0Eos73RAVggw5%2BzPRVqEu6PhZhMooL14BkFEriMzINhnMHptUYi9Q0uWVHVVRQeEsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab38a32409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7260 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
07f76a04a2ebe72a0e7c355ce7e4e7616b62258dc78885d74c6fe903b6f89304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51518
x-xss-protection
0
server
cafe
etag
14460401683887319037
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame 7260 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gcWaD1bUumBvCdXf0NgJZf6m27vigCXJIGS1gbUJSRs39z6CwiFhxOEzGVN7YXBKy0C6zXZz%2FdAxMzFYYUm%2F64VHK5RBy%2Fw6u0ADUmlVADub8UyUIz7bJYVGPGR8yo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2bf65409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame 7260 		48 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWHF3%2FT3AblbBmNgV0V2i8Scz5IBNw%2BUmbsswabm%2Bmrgq891TOOXDZQwpYMYb2FxxHnA5pcQwS7%2FvtF4%2FZtPfTtnyPjq9thZdhbeKr5Ps7O0FmK6e77IK4w9UmmLtfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328cd409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 7260 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piax7uPcGWVk0w4%2FPsMQP2MnpuXn5GRwpQ8CbnXljLADvFichzA9JTMPpwhF2B8mLy1geHq6LWBgkuAJNfIedM6uWgZmPzvQTesuKVxo84q%2FaRdfb42gr1g5QpLsqHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389f3409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame 7260 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBef5N7An3ICvq8GZNDb1m2OSU%2F84iWLfQHsj%2Fw9IMad%2BeK6k2P1hY4n4TEYjfVRZvQbx7G%2BfAwpQZ3%2FdFJ4USGv3H12XxBKJw37nDKq3dv76yzKjX4ey6A0FyTcW2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389f6409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame 7260 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPmTXSE7eK7de%2FqjBOvPWVb%2BWHXp9R6hcP2w9YHZRadsL6j2joGCUqvuEssquoCU%2BLjANwX49w40sztOz0jcEadn1ebti6n95aOvz94JlnrK5yfC1YW9n16vwZCI4Yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389fb409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame 7260 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcE0bMAWnaHre7wOd5sozOUK68lgWZBnNhIKZzdVus3rit%2Bd%2FEUV96HQlLrOKCMbpehPJ1cOinMUnZRgLtTm4by%2F8zsU4FRx6qTS4OG%2FZtfs86NFbPw16yzHYAnhUTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab389fd409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame 7260 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZiP4pGv%2BiLvj6eXF2s5miKDio%2FUpUlhJ%2FrehvVpewfMzz%2BbZbvs4wV35rv351Dhe7Dina8P4jcgZmUYBUryWd%2FWxEbeHl9Wl%2Fkld8FhHu18vzJFU7DxhU2ndxFVzdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3aa36409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame C14A 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KXoYcB3wehPdBMF0pIN623xdRV%2BenvyVBa8CDU0hMlcG%2FPLlihxHKR81t1%2BL%2BIJpcyrvHV302Y3RqrLVdPip504q4Gjokfp4s%2F8Xdo%2F2fWPkqOniWxxKUD5ONZoiEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed50409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame C14A 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEfF6gEU1KXTBE6yijPOlx5mw82%2F9jRpKgPSIXXe%2BgJrkcDdfGeIPPEZIc8zEpzwWSlBhKqQvRIjiciHUWjbuGUC%2BuUqrjZOKkxWk%2Fk%2BoOrti%2B02oJyx0xXMeM0zlQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed52409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame C14A 		600 B
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o92FaDJqbNEbTwW5fy8tm3XceNpVxiSmemm1m8OOU4qs1k7kb62D6qn4OQeG7iP8AM%2Bx%2F4%2BNXi6x%2Fc4XIAz6A%2Fts8MQIrXG5Nb%2BE0q43mvJC1eMjmqLftJ9FvA9KXTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed53409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame C14A 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wPh0lny0jTitjL%2F%2BsxPxAfrsLIch3K8fldZlG9Ga2zAyf4%2BfOtBUHf%2B%2BTbGqUOPdp%2FJ65C6r2toYFri7c3AoHg77lOcdfoL7KqcC%2BjbUI4oXxSm%2Fyx1XIu63xaH5WM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed55409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame C14A 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJZXcfTxGTkk1QaRds5idzOjKgpSb2X7rGTFvxiayyijsTCC3c26Vj6U1y9Dput6lDAuO55mJU9X%2FMl5PULT%2Bj%2BDiJk26%2FCddN3YdH2HvmVP6UiepzHnCws1RO2ggac%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab1ed56409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame C14A 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:44:12 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame C14A 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVJ6TdfNnRQTsTfYrLZuO8cWdH1661X%2FNQbYZbXftx5m5f25cPJtWkV9J0GifXg5kcPwN%2FCBGJD22qB0sspPOkoUhziWJ29Przz4TMeMVEO9dfqNNXtrPRnvsmPHXwA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed57409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame C14A 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOzShHVuCcyQNlZXk%2FEcaRyxg4YCUbrPzTaS52fhMEaD%2BrKSFwkmGc0nPW14uAyEoGan1LDIfAkpDhJ8cfzOrXwVVFLcrekXzOvpZDLsJBAX9MpB66ud3xSMm8qZJyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed58409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame C14A 		692 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHHmtns91YoLOxrJCPbz6Y%2Fqp3%2BY4FPGmK3g%2FVBXIvnNLFfgM27renk%2Bi4jnz%2Buy7ebQimK61vYLVaCplL8VQEhNJb9qToeVpl3Mzn%2FYGX%2FK0zrPAEvcgpfhFeaQSh0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed59409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame C14A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496787
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZQTCOb4EUCBVHHuZOe5NlJwIQPcNwBdwI9FPr2A%2BGKKYSyUSDW58rjQsRZTEygEScHJZZkojt1BzdmUK4CtzWGB6sJrxj9hMZ%2FnLdPnlJXtWJ%2BEg0tggS1P1mSNfac%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab1ed5c409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame C14A 		18 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPjeH8UVJmkie%2FYZQohrkQkKzgq1cDZ0yLF2iD9bdrCaa1AE2wC1n9hQ6ZbNglL2trjNdklTjCLkq%2BrR%2FkmFSRMOg7Pst1xbgFi27YMABDwNsLYWkw9xIfgYvxGAyZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab1ed5d409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame C14A 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGj0C4Dpsx29lbpezHSu5fWLvaWrE%2FTgLGHWbzQyenJgkq52fE0IFz1UXU%2BHZxzd3CYQHkGCL%2BjWxNZCB%2Fi53vUdML%2BQNvrdNo2CPyLaiW0Eh%2FAcWYt0Z9sOB8rKCVi7iwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab39bbcfaea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886208
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TQBoX%2BP8hOVZsW%2BTvfE68MQOxE%2BkQy%2B%2FSrpnzeIBpKS8JAej6mo5aw7vMPyA5%2FPCg85Hb6ULUWcxzgYi3Hxt7SCTwW6tfKTZT8r3O2gVaYi4V9lgGEAKpjYQlps45A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa47409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=am9c7U8YS7avRV96mmsbMm2DEEQOz65lsQGa5jmoIL%2FnL%2FkSd%2BjHjYShgj36HKC5KCQlva%2F9cfwwz%2BQ%2FGdJ1kHRYGyBsGu36jyYeu1vxilRzDnKGNtAh4ZrPRv38sVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa4a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx9XvWrP%2FwEHYFfr%2BcLRbMLDx78EidKzAjDCgjq0VODXlfJjGjRGqluKdhOWMWw%2B7hiXHOLu0jKpF8F36VBv0DRt%2FdJ43XtIVjgctoKhYlqk7rFBBh05zGzPx5skzek%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa50409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491784
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuLzzySKZUthrGkElG9YQWDfGDoGqRRNw%2B%2FthmHMwBOnxgDK%2BFF8iSfRyktjQzL26tfJGVi0PrEjShSOH0sgzAYjPHWrawuysGtME5PNluLzgZw7XONphN0DYcj4z9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa56409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKBFpjZ6cyoybkoUqGrXIe4pO2MA6IfhtPbk2x0%2BM2qc%2F7wnG8pl9tDz9pEaPQv5D1ZKpRaEAvemSBdpDzSBxX7zymSo8j%2FqwoR9haJ7%2BFSsDWme%2F0Xu3pZCMbYRj50%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa5d409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLLza%2F%2FPGsKtHMf7GAhRxLwtMDz4keoiK08Hlk4LfGWAcC%2BS%2BiuZJhmQeST64QwlvOF%2BzSiBkTmplSKNny%2BoOOO%2FgC8uMZk6r1dIBwhnmutBrlKe%2BEVAnCCy4yeOnLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa63409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lb5JbIHUWwlC5rZKiUfnchqPt0pIvqFHOYAFIcz5jL3o%2B9rNfoJT08JlenHORVpPXObEN6kn%2FuXjxLTIoCrrPV45cdYID4QmOIFtHk%2BApi3YUs2VybvFT7X1Kkp2mU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa68409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGQ6Ucfn3p4fn62%2BaGLR8ZknuK9Tepg6JsysX4Q1XSJys%2FqWjzR10vT37iSiRTAG7NvsjQDBEtk9Igrf%2FYn20ka78l2uOHYLIRXbuTUGLRaUCJisKm3Otp2X07F%2Fhrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa6a409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtRHMR3A7f3BLoczyY2V3GjjiwUCJfxMQ1i4SQGmkNLB%2FbXABLm5pP0Gk5eHWu9T309ySdc2FSsoADXOJN0xuZLVtaBW%2B1o%2ByC0izdg6TOp9FfLbLypPUOEpcY0%2F97c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa6f409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4KOhGPF9k7mUyfR632nmf%2FjRVrvUP%2FbgBi8yed48NoZuCLeD23SGz9gh5vEFrjM2q8X6UU%2BQv%2FYrnc1Glp7wdVyWSmQGBII4HFI2zvD5kc0WBR2Fc5NX2B7MbPdnO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa73409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YArMmBgqbrc9BYHN%2BALWNvTf77fJ%2FItNovzaUMYmkoEr2DIS6sMiWwiZ5SYEzpQW20Gx6nC%2BmR2miIW2FgCGW4z026oaXLd%2FI30FFWi3t7qqIkKG48Hxq0P%2Bb8H8tEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa76409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJEJrEGzGCWnZlz10aOhrkQkfyeY5to5ebBgbNAwN4SsiZXhQJR5kweMmytooI%2FnL7O4s6OWFqwRPTdrrtRBrddgzs9rJSk%2B1nQdwBXWaNkQ4D4aGdqdXLuwyZtBm6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa7f409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htijyDsm36joIRe%2FejeMlNgmMxboDMkHrRJ2ntqxVdD83YOZAyN158vKRifHVFAoLgi%2BgUj1YWdDL42M0KTsO7jc9X4iI4hFPSapoR1FZXCyzTgUMNYHMRfQ4P90bOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa81409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame C14A 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VguykqLrTB6hqYjJhxa6ZAIY3hZxAMNAREwe8mPojEh0OZyHKOsNW9MiDCxOasME582%2ByAi8%2BECAWMVu3rpHm3RGxFkg3S%2FcxkTVazpbfkiHPzz0NY0%2BtLP8Y914bWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41bab3aa82409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C14A 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame C14A 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38SmBwhk11GmXPf7VKJkie%2F2lZbO%2BSsNFT1sdTJ2fD7vbtV%2FSJ1tpnN73Y9pNFPqbL3vI%2F8CSTrY%2Bwxwmd8Y6upJK%2BYuioFe9kpK1Jf7wn%2B%2BuVfGRF58UYtJ5v3on0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab2dfad409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame C14A 		48 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWgurZxZWOlVxAaDoJQMUfBw4FaiwYOUE7LNLYC5d7fuSGmcBVwX5DvA8dY5IVMuESaxNEo3Rxq%2FxxH379akIWcn8tfkz8xXWf9LL%2B%2FwPUSxj8A66SIOWVlnA%2BtuDP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328d2409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame C14A 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJnslgerusWrMkDV5lHIsMs3pgakZc7cTrDMPq28wM4PN8xsrACvtEfqyr%2Fj6XDua65uz%2FqmoiOA%2Fh6OcddG4zAnJCpkqSFhw1M%2BgOA33S30xyM8kgRW4mAw%2FiX%2B2c4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3aa38409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame C14A 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177039
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcS2WKL%2FVENCfoeRzJ%2FV416F1ytdFW5DLmArXWubnJORw949teef3RJlc%2FR9y%2BSdwoqYJLqLRSfM%2BA0SrYF8euHpEYJHJqBVj3OJjyR6v5idU7FTxo2hTXUprLA0wp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3aa3c409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame C14A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3GwkuElVltwFVxeE%2BMZ6j%2BKBzZUstd9oqUFHDJeT15yXXSgKH4n0yGjMNjANEAp2qKmn3uAaTsFwflnMiJUpZJro0XBaxjjwUI%2BavIODKqTEY7Pdq9%2B64sT7w0Fgas%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3aa3f409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame C14A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB9pNB9pQiPoQhwZ8WSAPc1jomp4nI%2FNxBwFRclzAFBbZmpG37gFYAzzIBZAOZ9cfZzVnJl9pqlCshMBNItAGYDz3uUd%2BjIjAqQppz7pDgqdyN8xaAOiK9NIzgDEPD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3aa43409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame C14A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tbu5Kauk8PbyAG23JIqDcm05UqYklN%2FUpBdIhP7r2oyET8XGWi03VC9iWEFHYXdl6IOSnMj1pr2LA1guQcujIxcxrsAd%2BFYha5c%2F3FX9u1nDuIeWIYBg%2F4BNRkRTMIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3aa89409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 2E73 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7s04VdoewCifj157abICIOIYO%2BsFvrEOjJRXI5uITZm61miit4PpLA3D8F3IO18FHfpJf1hsCRgmiLyLc%2B5nYhGr4GkRnK55OSS4IJ9xQhYHNV%2B3fPuXmS%2F7jKXc8x0pAdM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab26ad3faea-DUS
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5D51 		450 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dyWvTOnbljcDUDvVtPVxVN9ku_DvfH5tDuBf74sOPJ9qfWD5WpUXWtKmaV2viU0ERzyLSVZ1BfVf5Dq7Fm7MMeV0xW7wd77CJ75a4NN_sEBPfW-dDSGOU5WYmS06Dt91XV4j8ZD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406810
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 8EA1 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joFljwwfGafaLOxQTNhH5hPkHJYAENFh6p8c0P7xCh%2BVXC4oS2xBIXV%2FZU8YJ2HNfPkhLnATkMqP7pSkqH%2BaRxlixuiY%2BDYZ%2FPGnbvHSZ6QSJg7sYtHeTMpHKZT53uGVS58%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab25acffaea-DUS
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame C4DC 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF69LruXfpx%2BvGW7hv0TWrpnPBQqtJdlptdQ6H%2BwfJi8fmUJMT5bPKoE4Xb7vPQmARzdztWXS5TwZUCWQaboBwghWYIWIfirZxv3YIs5aPmXVpsBnfRzaD3inZxsXN1loZg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab28af3faea-DUS
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 11E4 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RkkcpzuDLcp5quTqdKZZkxQg%2FIDe5re%2F5%2FhalmWxSwzALETSU2UvMh0Q3FSEQ6mmEtdCKvdyIrMoL978pfRLjxtBqfzHKeBdIO6ePrHYUjM0ul5BAV3%2BJOK2h2Ir4pHEAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab2db22faea-DUS
style.min.css
sorrelma.com/wp-includes/css/dist/block-library/ Frame ACD6 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 19 Feb 2019 07:15:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6CGZbc1%2FowEbKzpMvgZP3waCRsqMl65v%2Fz1HAobxm7rGeo%2FNumO4qwenlHBvMHe54s%2F2JmIzBcOB0R2a2vXUoCgBx54niP%2Fpl%2FzqDoWrb51NEExonHFeC872GRNXSo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab30834409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
styles.css
sorrelma.com/wp-content/plugins/contact-form-7/includes/css/ Frame ACD6 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6qlxpunp403IqdAHq%2B57UstmNfNAdUaFEmKVA%2F%2Bx6JWy0Dg3hS6cBgGAFFur6A2JBFpBZ3AXMd7xJdPcSAZcj4I0Ogr9JXp%2FtU58BFMC9XYc6pV%2FjhyHU4AqVPN3Ms%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab3185a409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
wp-fs-publisher-plugin-public.css
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/ Frame ACD6 		600 B
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/css/wp-fs-publisher-plugin-public.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRoF2UvqqzBCntSh4SAJr29aMuoOuFVgarL8tmKAaHokMNuTeKNOQ19H2ccrDqHjPey8OEH9pCcXi5EUne6nkwB3GGL%2BXOhOO6Qa5KdFjkpHyslKcpaKROOExljfmCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab32884409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
style.css
sorrelma.com/wp-content/themes/sahifa/ Frame ACD6 		194 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/style.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T26BshykieWj%2BSWFfaPL9VjBaxXFMNB3LTxTCqIkYuFsh2Tgnhtzl8SjdGBy9YlZsiz8oaNv4F60%2FJTjrBLJ6o7ZrIsskRpnVzIRdZU1dtBjYSbUAgFsw189yBdVcRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab32885409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
skin.css
sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/ Frame ACD6 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jc6s2gbYqtTmU4cvbV8XfqiAZ1OVBH8CsZRaEkDDK%2Bi8UZ5rZWDvoRCV%2Fa9heMPdhKNE5kbm2b1uJw9GHB3CeMrkGVewWplt1jgTPlhcc7UAzZrFh4Tl7UOkkVz9%2BcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6a41bab32887409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
css
fonts.googleapis.com/ Frame ACD6 		754 B
333 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:43:52 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:44 GMT
jquery.js
sorrelma.com/wp-includes/js/jquery/ Frame ACD6 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116055
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Jun 2020 18:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6uZ4C0eoy11Q9t3umIZZky9pxwt7imh5%2FSJhs%2BlKLOnUfqB0lkzUQiV1pxAoskByFbAhEhgEneIzqyBLu6zhl3sSprJik193FEDLKlNFcULIzJuFWrhwhCiVeHhAzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab3288c409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery-migrate.min.js
sorrelma.com/wp-includes/js/jquery/ Frame ACD6 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 20 May 2016 15:41:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BfoWCrM%2FVk5nKq4GdBfkVDhreV9svLXAzZtHn1bIrKmbOQz4CU6ERf%2FKV0w6VM39r6JGfO5ztiFv3ydyARIoDlY6X7GVN2%2FcKbGCzL8%2FzasrI0LPD%2BaSGvWGGwzBOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab32891409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
sab_bar_script.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame ACD6 		692 B
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjFvC0cKh%2BHG8M9LcyUVcD60EyWE5NjA%2B316aL576fSuc%2BhfLe%2BDv54ETUYUgyUEHbKJR2q%2B0MGk6M4cNgFYoLF8l9Hpw6i0UBfj2NDn4nrXfqCYmukk53RY8LXChgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328c3409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
jquery.cookie.js
sorrelma.com/wp-content/plugins/sticky-ad-bar/js/ Frame ACD6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2496788
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 15 Apr 2019 16:59:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvLD0Xn%2F6i445y09W7Jvw2ehlMiAYSY4HtWJR%2F3zTFB%2FAeYf6oTJKwTOWMrFnl%2F5wy5LOa4GJN0RaHEwXHxbDwdjVmN7%2Bj3NrepcKjMoAV5mBOwmESWRs3Wax9FHLgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab328c7409f-CDG
expires
Wed, 27 Oct 2021 09:13:37 GMT
ai-jquery.js
sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ Frame ACD6 		18 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/ad-inserter/includes/js/ai-jquery.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116056
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18
pragma
public
last-modified
Wed, 26 Sep 2018 10:04:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F3EJDnN3cmLGm4jD8tzRevFbi7gGvZEaYTpSpc4pju0FLoQ5%2FhPCewGSbDl%2Bdt3uKY2SdkEbD0DTcQmUSUT%2FzK4kC5TKRrnOuyGix8XqFADWmm8c8v9V6Np6Ey2ufE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a41bab328ca409f-CDG
expires
Sun, 31 Oct 2021 18:59:09 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame ACD6 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190647
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtRnlvJ%2FvYa56dmo%2FjYzfo2radIGBp9DcWTvBaQbgQrZng5wuVhlm9kXuECGNrDJIL7IDsKqjTbfF54HC438%2FoIl8ZzAZXQpENZRRkGCj3ugc4eXF1UlmSKDOjXXqBVHDpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41babc4a85faea-DUS
geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2886209
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41596
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6hHY9tx0lg5rOv%2FvUGdbaMTcKhgaQYxHATvd6uXIHqut%2FBvUQ0CLo0xApa8lK%2FdPWZ4Z1NQ5Rhe6Ps3LVm5Gcit%2B8SoFMdhy0tMPGOmr3ONZqcmCgbDjsldgy6py0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4e91409f-CDG
expires
Sun, 21 Nov 2021 21:03:17 GMT
1519250928_338_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_338_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53414
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq1rqMky3bMHPdpslj1fF6IpGzIfy8M5j9W3SManxAwbAsAK34ytJyFwtQ%2BtHgd2HYsWYDS%2BkeWU8A3eQ0NzbzOn%2Bh2l85Y2qNs9wkoqBw8Hy29Suy4YNUGXpP4mrtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4e95409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_833_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_833_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132464
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAYMM2tcVZtwgxXAP4G7XWno2ctC2bkM6b2%2BR3aCvgXxHc8G0JqY0xGXj0u6D2VMyxcdAG5%2F3SxHB5O68YW%2FTg%2BkBlMv8denIJ5Ag%2FdaFRuzai2LDEk90Lr2UYhmH60%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4e97409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_72_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_72_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
491785
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51854
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb%2FTVU%2BeDXE6AF4Zlky7T0LEZ5IdbpJu0Mme5yVsXb0EMI97K7TvA3mr5V77DgjyUSQSLDxBuqdAv%2Bs6OvW%2BIjLeXLVgT3NGIZ%2BSPHRCe7zU%2F27jKk0LqeKbGEOsCHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4e99409f-CDG
expires
Sun, 19 Dec 2021 14:10:21 GMT
1519250928_78_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_78_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34721
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA%2B1RBh0ktaTc7HgDrOTXP7IvHWtsdCSTNYJsPO5r0WpMYGLuUGLAn2SGPN7oq0%2BIczHIlcBxkR5SoBDOxjkEqhsyhm2XkjDiluYjz2uWd6vRDrK0mVmbkcNJuvK5bM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4e9b409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_579_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_579_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66290
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrDEQu%2BJQkMujbD1lj3tGFK8vqD%2BpGsj%2Bvnw%2B9T7dZeTK%2B%2B5ScmE1UQoF86umzGSUEgPTxMHhjEDOMLp8RCJ4rwvEcB1nWCOu726t%2BSoE%2Bj3RIYyWmyPOedGW5dtgUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4e9d409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_550_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_550_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52987
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBdZDaDwT%2FQcqLVFjIBShXeXqUASf5clt5rBfyZc6zfFcx9HxvlNf4DZ0EAm3IkirrZbgDqV7HhQvBHLeX%2B9fuonc1MYcTecus1X4V3e5bOD8EhGdRj0M4qsDt6OKAc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4ea1409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_109_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_109_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68634
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNcdqPCrnJhhPfZ%2FcwcXDpYsZBjJkwWymgoaj4NMXBpc8K93Di1gDfP47wFBmLPYdhh9lOYaTgbmkh4SkNQyFs6qZz%2BVA05Fu7%2FDivcQLMfVibW%2B7bO6yNCDydR4O38%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4ea6409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_601_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_601_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50513
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3l0VEWLIGuizzQGLlOg0EhOiYIoEfvIm5xnnvMyfr1FYWDZpqyAAU0f7IeYlyRa9ShjArBCJG3XWHlxZfFuK9%2Ft3d6wdNz4JCoOXaQKiDiTjlq6jSpJn5IOryoLCvjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4ea8409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_640_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_640_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58074
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjrpU2fWPx3sAKyn2qHMbRSW5QAdww8md6uORfIVRdwEeSsOiLEAFSsgYDuXBFDSrFfSfHAw1nC4dAXSCQwKTBkDMtGfNwfV9qjFVAz2%2FwoheizovJM2WCDKvny1Wtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4eaa409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_413_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_413_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39407
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaje4DH1uvFyyv%2BlQrzIkYs7DLjt62ZFPqk%2B%2FWVb%2BNJONQ1Rf6SmOD2JO3d4tUwKXhCot00BrKQsAT1GcM8W9rVrRFN3pd25W05bpjC4TqR6aBjG%2FrXnyNVBpx%2BAZ8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4eac409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_485_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_485_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
50338
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1FLEjHYMLyQV07N69jR%2Bs5S8Jas9B2rqb9MDTTM%2BH6hB3ALyxaLwQi2hWYuvK9rKrFDQAUy47DJOI9XzxzJehjUR0gcqNHnFanzRdyDXYXaRoSW0KeIolKtSzN%2BEVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4eae409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_592_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_592_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35682
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsL0XY8HoVW7IMFmOT74ekt6jfP8KT47dNb52LUbFqjhMmyVhehg%2FUf%2Fh8%2FlsXkTunsDjdnmkIOZFpIy3o1Rvw9%2F%2FdmVYbA%2BJ%2F3Alx7tsLAuY2wKe5XSdjAp7ox1zNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4eb0409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
1519250928_598_geometric-tattoos.jpg
sorrelma.com/wp-content/uploads/2018/02/ Frame ACD6 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sorrelma.com/wp-content/uploads/2018/02/1519250928_598_geometric-tattoos.jpg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116058
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49828
pragma
public
last-modified
Wed, 21 Feb 2018 22:08:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwzHEquw0gz4YjG7rFRCUSgHvdIByeBGO3bhhAQhtjlVDjtQEzxRmVuTr%2Fhb1WgD0cWqJaUzzO5Sm%2FSKMTMFm4jgLfdxvxEc18RzPwuA6Zb5gj9RVAADj1ci4pf6nZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
6a41babc4eb5409f-CDG
expires
Tue, 30 Nov 2021 18:59:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame ACD6 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51341
x-xss-protection
0
server
cafe
etag
5376547957962546843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:46 GMT
scripts.js
sorrelma.com/wp-content/plugins/contact-form-7/includes/js/ Frame ACD6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116046
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 18 Feb 2019 09:39:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mduWDf29pgmGStEt57mvZxVLKaTrOd9ASxgwuRcKD5Fwhtvsdj%2BF%2F2KyEkvSapRvshiOFaxZ3qEkXEfBqWHXDKWvoDjFbHoi7FkOVPKjGeDXrGCF5t1STcp4dydtvas%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41bab9b848409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-fs-publisher-plugin-public.js
sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/ Frame ACD6 		48 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/plugins/wp-fs-publisher-plugin-master/public/js/wp-fs-publisher-plugin-public.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116046
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 18 Jun 2020 19:14:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWyAZkUIf5tBxvz%2FqWPy7GYrwJ5Iai42AVfLCUbOjZHVCoOQBqFppfhmATUP%2F32InytZEq4mLm0tQ%2F92GcLewuXqi%2F7%2BzUTcRix0kY8OfQfLwjC7Gzpy4xsfqLCthU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41babb7c3b409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
tie-scripts.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame ACD6 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL5%2BWVa8E8C7WNKrSW1OzcG5TNzATU2KWAxmFAwiuUCE%2BlElKQRHYdyDUQ%2BN1Lr4KU0IoeIKkzjWZ%2F0M6tGjpe0SzHmGBgDoMKvqWjOhuxx34vSYDHbQepEBlHWNDF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41babc4e75409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
ilightbox.packed.js
sorrelma.com/wp-content/themes/sahifa/js/ Frame ACD6 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
177040
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Tue, 05 Dec 2017 19:20:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2ZEhVgFZNwDw%2B6RWuRwP6Ve%2FoGcdSutotg7PRtK0FKKwJRbUPvoNmIypKjAaYHVTOlmgKIqrPe3aFwhV0OJc2amGnRlONbrf4HLqR%2B3kj4q63xueHlvew%2FA4kwSix0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41babc4e8b409f-CDG
expires
Tue, 23 Nov 2021 05:36:06 GMT
comment-reply.min.js
sorrelma.com/wp-includes/js/ Frame ACD6 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/comment-reply.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116046
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYmsEgVaWl0SF2%2Fidn2uUg%2Flj4VAFEd3zTpKoZ5iLcRasEBn8jHNOYjNYxPuPHQLbPCOCu9o6tpD0SkB9ilS83dpROjTOdt0HYCcshlikl7xlhbcbGkmQh2CRMQ30dA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41babc4e8e409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-embed.min.js
sorrelma.com/wp-includes/js/ Frame ACD6 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-embed.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116046
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdJV1CK2JOyrX94TxT9%2B%2BsKp8qXrl%2B6KwnvVGLgYc4XFUq%2Fc0yc%2BbiC7vo2i9AQwAKXPG17kFWGVy%2BuleX1U5cXxau2VN%2B1JCpmAajY83e8OaTkEfUigJqjs7QqqTZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41babc4e8f409f-CDG
expires
Sun, 31 Oct 2021 18:59:20 GMT
wp-emoji-release.min.js
sorrelma.com/wp-includes/js/ Frame ACD6 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sorrelma.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2116045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Thu, 15 Apr 2021 03:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXfXteDqlHKi696l7WPWVkmQdhV3qEejoDMTFj%2FPxW6JUnbgGNQ5EZq7WHXeX%2B39eR7j8P1Gm1CxvYC99qwkRRbXqoZ%2F2RrptCywoUPzzGRb4avtFxWUUkNH%2FLe2CC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6a41babc4eb7409f-CDG
expires
Sun, 31 Oct 2021 18:59:21 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 9940 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190645
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBF0Vbv0r0MouY0p9L6w307U7AsRZgIEVt8dG8mhHM2EOrvARQQx1l9lXuifG1aRXIb73zVxhrlZCUa8v1VSOr2VxZ2BuABlG8bdzRfx9fC5XNDobBruOV1wrk6qgIB9aRg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab32b56faea-DUS
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 7893 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP3K8VTHsfWXXrImlGB7UV530rxJDg5q0oSZJ5WTINx%2BQQqvfiif7XcwndZBr6OkqxQ%2FO07GPReYC4Xin8AO4xaDRero4RsUE%2F4GKfeNRCVUaV%2FeTc4ac89UyViLA9kR6%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab39baefaea-DUS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2E73 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
fc7839ea7f4f4b3783abe6b75401d534ad60b3f96e1e54b1d05a3e61c516d8d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 226 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27202
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2E73 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab3ee618741-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 2E73 		16 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyxvEWmDWgF1kg%2FmmmBa06p%2BMnYOFOJmyvpnRMg%2Bm4Jviqf5LCO2WMVUnn%2B3YuGf6%2BheA6kCebFhE5Kzw7yMpVAgG67VHZ0V4wusbraCtdiXbO9CNzBgk6qDasOs%2FgAsvKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab3bbd5faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame 2E73 		18 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6ac8af5a62b0600dbe8262559a94429086a4bc2d762a165521d346c6d7e918d5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7e109e0b-265e-47a6-9e33-b756b0aeb3a0
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8EA1 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4b5ed269529aa40268044786c0d3936d6ace2a524dea3015dc75d498e585d199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 828 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27197
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 8EA1 		2 KB
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab3fe718741-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 8EA1 		16 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92WFNlI8nK58HGvixWDydw%2BdksyNM12BVAdN6Eso2UOuHuIMv1%2B4ATatmMIwtJfBA8L2tNHBcX1sLnIXQeKqHoFgnrVUyKfHCZTW550ib6Vn8AjY779k9Y9LXjcs4lsEFO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab3fc04faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame 8EA1 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bbbc7d59d262467d2edcf1fa496f2ab3c5cf0ef9c419e949e4971a9652750601
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:45 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f9561822-07ed-4de0-bc65-cd77f0b2f1f5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 9C7C 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gO5x8Xj9FWe7uduy%2FK2RrfzoHaXiLoP4ErWMwAZF%2BTCdowLbvee3ZC9Qd%2BtHSeCG6p%2BUPR5a8wTgzx3mhM3o4Rs2ZF4YSXuqU4mF6hSVfhn2WjIs3p65O2PMJ7rh5VFXLyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab3fc07faea-DUS
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 8EA1 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab42dad7181-DUS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2E73 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b10f796cd4fd81dbb1a7d9c96e7e661dcc52019930b64f4e4da9c7e22646b823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 914 of 1000 / last-modified: 1635199591"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27204
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 2E73 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab43db07181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 2E73 		16 B
528 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCJXc1vcF%2FmS81tZO1ykcvkY3aRPDtySLn%2Bk73VvRs2fEhNTYHcnfsRf6j1w1LtZSQmlIyr53359WJHzzloh2ggocrfhohGghxlQv65TqF%2BDy5IG2Wp2gl0KJmfT6LrOSd4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab43c1efaea-DUS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C4DC 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
749dde7ea65e311c5879e09460045893d0c034594441e21c78bdf42a02a59462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 754 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27193
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C4DC 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab45dfd7181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame C4DC 		16 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlXYdWGEpEG8ydKqoaDvpGBVn3fdpSDRZW0mg9IDjfdFh3IEjDkZlbQOOk26yuOJp8eKtFvay%2FzpWFJIVZqYNegJPBqADBYko3E%2FSbluat5Vu60g6RlFD3HPFRJUJ%2Faw%2Bqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab45c36faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame C4DC 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
82856fcf5dfcdf1a2cc684b7d6db55430e41d6d72f8ff7bffe06719c8dd41c21
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b50db786-a0bc-4800-93e1-7461f095328b
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame 2E73 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 0A9C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211020/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 26 Oct 2021 04:50:41 GMT
expires
Tue, 09 Nov 2021 04:50:41 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
6964
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame BAB5 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mByhly2EY2%2B45FagfTyZQWsDRN3TjG5nu7EH8WGIZFL57pTKmMGugB3dUjazg3rHfXAT5ePv5XykAgf5Q0pBaYSxHuD%2FskbZ%2Bxtjhll3Dsm5SveoRaflwqZV29%2BQ%2Baa6vvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab50c9dfaea-DUS
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame 7260 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZlJy6%2FRmXFgOKt2L4MuPZY6AujeE4lr1FllC80QbMJ3G0zOm4SSy%2BGMYC8jETOrRaK3XZHjAeUuc32R%2BHx%2FioTR9b%2BENh10CBqsSBm14lNTS%2BMq4m8yauTqgx2WdF%2Flxb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab50c9ffaea-DUS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 11E4 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
c92ef7f4dee726ce16783eb291e298ebd77f5ffe00ddfbc3b82427600512f50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 562 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27198
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 11E4 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab52f287181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 11E4 		16 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=froTNrjRKsI5sfP6ExN01X614e6AICTRmsljn5ghXsrBUUoJBlnGXvB41oVzzwr8WwszdzRvR79VL29a44GeGs9qLzZ3WawkRccwAYq7QwMQRI%2BD20f54%2Bp6KlejKQJPgXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab52ccefaea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame 11E4 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5ccab48f1c3eca083d98eb28d02e0c904a278187bf061452b60700300f26b8fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:45 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e1305e4b-bf8c-4ecb-b63e-da7069e7910b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C4DC 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4b5ed269529aa40268044786c0d3936d6ace2a524dea3015dc75d498e585d199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 848 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27197
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C4DC 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab58fa77181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame C4DC 		16 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd2VA8yhfrhwzGo%2FCAJVep2NuL%2Bse1y1grJLjd2r5lHtzFq6ws0MWGMkSo5VausUXVWrzKdvoqTyfm2VCPByOXaVggQeRJvIzqJHK6rqHQK%2FEdLkquZn8f1uMu%2FWQXll%2BTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab58d28faea-DUS
tag.min.js
api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/ Frame C14A 		386 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1190646
x-host
adinplay-1
last-modified
Wed, 21 Jul 2021 14:04:03 GMT
server
cloudflare
etag
W/"60f82953-608ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evJmGyc1IfLy6iSb49dcdfEivyMaihnw6Dy%2F2qeGPYen5S000QigfPaG8GqqP1U612ch4IvH0OLEaVOU0gZxF65J7cQInf4K6z3bhEoCytRZXsa%2F%2F5pLjEDs5f%2FRtK6z71Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
cf-ray
6a41bab58d27faea-DUS
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame C4DC 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame 11E4 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame 8EA1 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9940 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4b5ed269529aa40268044786c0d3936d6ace2a524dea3015dc75d498e585d199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 840 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27197
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 9940 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab679a57181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 9940 		16 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zwTPnI66ZbdGVB5iy5S%2BA9ppufHy%2F2QLpvUGeAzTTs141RiPD4M0s50IewIlmtH7Cp7cpOSyrd3D8%2FauE0WrX1gWMkMUVIfXq1duZt%2BpOaQfq5OdV5AkfuXIoCkoPuEgE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab67dbdfaea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame 9940 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b54777126e9c740c61e9108b19f2e04dd8cbd15e9fd389842fb738828a1bee95
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:45 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d5e091ad-3d2d-426d-862f-01b2c914d3d9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/ Frame 9940 		269 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
50312b216f25ff012bcf3edc5df33b6a92a974b1dbd612cdfef9652a4e291e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
98559
x-xss-protection
0
server
cafe
etag
10690806773642453916
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 9940 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab6aa277181-DUS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 11E4 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b10f796cd4fd81dbb1a7d9c96e7e661dcc52019930b64f4e4da9c7e22646b823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 335 of 1000 / last-modified: 1635199591"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27204
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 11E4 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab6ba3d7181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 11E4 		16 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2PoWQCFgbV%2Bwyf1jI3%2BEzQeHiBPtt7GWm9waJPkz2ZOQbtZyrbsx1BR9wmUEY%2FqZ7cuu2qXVqPIbwj7FivAZnUGXj6R4a0lQGnoMHXcE6MUH2cP7iA1ALpEb3GSINc0bLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab6bde9faea-DUS
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame 7893 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7893 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4b5ed269529aa40268044786c0d3936d6ace2a524dea3015dc75d498e585d199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 722 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27197
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7893 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab6da7e7181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 7893 		16 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A81GB8qHenD%2B9ch0doTh76vIwVkqKzOR8eLPjK18iyxSK1nCjupg91HGmT3zcBw7hbizlW4nxd9Mjzupdbx52BgA6OgaIYxbW1AFtvaY5ovJIL2KEtkvF6A%2BkA%2F1xlrbG%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab6de06faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame 7893 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c863fc135c7af37eae40fb8d2ee824fcbdbf66bf49baa187f59cedac183e27e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:45 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3a0d4dd5-2d6e-4197-b827-30579fe3256e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame 9C7C 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BAB5 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
1453bf9973d7a5f036de806193894a36df7296fac0c5b9c5ad0319bbdba87953
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 695 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27192
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame BAB5 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab71af87181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame BAB5 		16 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9n8l7FmJcBBX%2FLRdCCG04fUTNtB2FAGGP2dIpnVdMftVI%2FnX%2FDZyrdEc%2BzDvP7dsHhyqtxtqcD475v3pTKt2M33BhLPayAflqo3o9KfW970U%2FVnyFkeNh8XNX68MB93z1HA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab71e41faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame BAB5 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cf64a1c5fe0a589f22663a9c5766281b24d4ce079a43e73e36e68f67e8a9fa43
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
376c2bb0-ad4e-42f4-b3af-a474a4cdad96
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7893 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
749dde7ea65e311c5879e09460045893d0c034594441e21c78bdf42a02a59462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 836 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27193
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7893 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab72b0f7181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 7893 		16 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f47rUNeHvztlD7PWSmIkre8pH2Ea8%2BhXMhJYPFW0tM%2BDGgGzsNAfyzU5yJIDccGuqVlGHoBDepxj2mu8C9S7w25KgbqxqTFexrc4knuQiSAC3a4ftDivxDnCTty9LTN02gc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab72e4efaea-DUS
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/ Frame BAB5 		269 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
50312b216f25ff012bcf3edc5df33b6a92a974b1dbd612cdfef9652a4e291e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
98559
x-xss-protection
0
server
cafe
etag
10690806773642453916
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9C7C 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
90460476ece91e96a8c19c97102fd1425e7212ab787aeef3cf23892f1a18f999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 589 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27196
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 9C7C 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab7bbe87181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 9C7C 		16 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIyYph53mu0k6Q52AKfGaC%2ByrbRPe7XqvATLQ%2BwyIxm6X2rgRP2G4QjLaBub2hiq%2FYfVWYKwGrADeBcNdjQS42WB7T8qNVDZ0Nm7EnMp93DQkLnoov4A8H5%2BNHTQEGXp7Os%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab7beb5faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame 9C7C 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ae6d27b8e68c71ab19353ed1ce29fbfbbd640c99d5e5fd854ce4932b111bc747
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
68211b06-b82e-4fea-b702-b08f251505dc
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1541 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYAyADKAMw1cjeiwY4A0ADSAMQ1cjeiwYYAg..; uuid2=62360758021387158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:47 GMT
Date
Tue, 26 Oct 2021 06:46:45 GMT
Connection
keep-alive
Vary
Accept-Encoding
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/ Frame 7260 		269 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
50312b216f25ff012bcf3edc5df33b6a92a974b1dbd612cdfef9652a4e291e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
98559
x-xss-protection
0
server
cafe
etag
10690806773642453916
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame C14A 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C14A 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b10f796cd4fd81dbb1a7d9c96e7e661dcc52019930b64f4e4da9c7e22646b823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 905 of 1000 / last-modified: 1635199591"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27204
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C14A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab93eec7181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame C14A 		16 B
290 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1YTKyMYs3ler0SZNXnbVR%2FzSjHXU5fc4CEtBtWrvbmASokHDxuxZV1BvttKWSDlOiGqpkp6PhCGdhw8t%2FffFJw2Iao%2FcAUnr%2Bmvu0p3QAP7X1w5bnAzfMrHN221BfL636s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab93ff4faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame C14A 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
798ee3b11097ec24ec25ddaa5573702ebfeda1c3742133e8078a287176b75f02
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6219d357-014d-4df1-94fd-300e1e17dc54
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2021101901.js
securepubads.g.doubleclick.net/gpt/ Frame 2E73 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125444
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9C7C 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4b5ed269529aa40268044786c0d3936d6ace2a524dea3015dc75d498e585d199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 742 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27197
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 9C7C 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35995
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41bab95f107181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 9C7C 		16 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205512
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qB8TcDm69fR89l4UsBPmHHVFZJfuraiTV0tUo4rAyUWmS9D4RmkyNcLxhsuqunsLG1F%2BQ2pb015pJHpSq3SptJoA4ft1Bx%2FbXlThrgpLsYy8qENNzv1vEumhfhlU3EdmQho%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41bab9580bfaea-DUS
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ Frame 8EA1 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ Frame C4DC 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame E8A7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYAyADKAMw1sjeiwY4A0ADSAMQ1sjeiwYYAg..; uuid2=3976595427479291674
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7260 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b6233685afc11110e694e7ad31c8270c190a7cfdc7e6ec1f513b44b909822a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 190 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27206
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7260 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35996
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41baba78a77181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 7260 		16 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205513
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4TTa95q4t0gVSkKv0H0%2Fqs2jhbGcNifYmW2tGy5g7oTEL92ZxbQdZwQ5Hbu5ZQJVnOj%2FzN1dgn%2B4UDlQe4n%2BdpOwAwCKLeRcxSeX1xMpvFrbms1FMR%2Fof4PDaS9zOCYIuw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41baba790dfaea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame 7260 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
60a134814229e23aa2ed1da03a6c9bb606e5cf8d3f2cf4541ade9b0b8564accf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8f965bfc-e39a-40a5-b0d2-aca34bbd7c80
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2021102001.js
securepubads.g.doubleclick.net/gpt/ Frame 11E4 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122914
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BAB5 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
749dde7ea65e311c5879e09460045893d0c034594441e21c78bdf42a02a59462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 830 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27193
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame BAB5 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35996
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41babaa8e27181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame BAB5 		16 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205513
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RjHdLETAEOwlVpvRbH0%2BLcRasA29Q8l%2BG2Yd2skT75HvmfmukSwnLaKJJ7NAZP2PYxGlfX41EIxcv7BUgbV213Ak%2Bd6%2BkXrlzOs6rnNRXS1Cg1pNV%2B79GBGXJpT%2BfQ1pyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41babaa939faea-DUS
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 7260 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
c92ef7f4dee726ce16783eb291e298ebd77f5ffe00ddfbc3b82427600512f50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 630 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27198
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 7260 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35996
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41babab8f47181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame 7260 		16 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205513
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7Lblh9%2FQF2n1l%2FXoEfzIrUZbWr9Cc6%2BkpyyoNx4B17tW8Tx3cbAdwN4YNpJP2oYjvYRm1FMdW7AiY8h2FzhDG2YYe3V0LNiSbBJNea2dX%2BF48ICH44cd%2BCIPJh5H08mQpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41babab955faea-DUS
async_usersync.html
acdn.adnxs.com/dmp/ Frame 63E9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=62360758021387158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9E62 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=62360758021387158
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ Frame 9940 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
integrator.js
adservice.google.de/adsid/ Frame 2E73 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2E73 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9C39 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223578&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805209&bpp=4&bdt=650&idt=1141&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=246032844071&frm=8&ife=1&pv=2&ga_vid=75252885.1635230806&ga_sid=1635230806&ga_hid=672280154&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062525%2C31062663%2C31063183&oid=2&pvsid=2261141832269456&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.7842lu6tkpf4&fsb=1&dtd=1154
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223578&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805209&bpp=4&bdt=650&idt=1141&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=246032844071&frm=8&ife=1&pv=2&ga_vid=75252885.1635230806&ga_sid=1635230806&ga_hid=672280154&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062525%2C31062663%2C31063183&oid=2&pvsid=2261141832269456&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.7842lu6tkpf4&fsb=1&dtd=1154
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Oct-2021 07:01:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:46:46 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ Frame 8EA1 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8EA1 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B872 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223572&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805499&bpp=1&bdt=933&idt=869&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2570955413733&frm=8&ife=1&pv=2&ga_vid=1341641798.1635230806&ga_sid=1635230806&ga_hid=276536048&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063295%2C31062526%2C31063140&oid=2&pvsid=3355200543626438&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tnakrv33pedt&fsb=1&dtd=874
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223572&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805499&bpp=1&bdt=933&idt=869&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2570955413733&frm=8&ife=1&pv=2&ga_vid=1341641798.1635230806&ga_sid=1635230806&ga_hid=276536048&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063295%2C31062526%2C31063140&oid=2&pvsid=3355200543626438&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tnakrv33pedt&fsb=1&dtd=874
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Oct-2021 07:01:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:46:46 GMT
cache-control
private
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D9B6 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dzFToud6eOwF6DDN_USuHvgzQ7lyQayXzWoZpEr_XMHSdVgBch07eiHeEvB49bNeIMoH-UhY5HrVRYjv6MKhjyTKTV5EM-WZyosM3tUQyIWVoY9yLNmzfkZM1fmfwzNuGsa4akb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B0E9 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dxqy7I0uiLMlz2vz-5QJwBFvf2BaDqL80icaKCXOxLU9GQSt7p91CVfkjF8DIbzsSoAJid-U5nxdBBe14M7Ycwgwn0Twp80t4QtC4nrSf8sjL-TESfe1nFG1Q0RKVNIk9_4P_Bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FD65 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dwO3cqciAyv5mT48Kc-GWghHqQxkL24ngctktDhTIHV-JJFmxYbzf40dAybudLmbkD1h3Cj-R9D71fC19ROhNfaV-GsebFWi2D8EnCGMR-DVMxDxDDoL5gTbh09xQJKM8Jfers
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FAEC 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dwA0HvO9ySrTA4AtnTmz6rg7pDmVi49eCSMfoAiCYVq5bGD4MrdyazUj1pySxr15OFEIQBmLCD8GWGqrbD78iUY9dC7YJRRkIyh_SkWhXS-g_C8C_at_CN8wiofN_tUj5R4KdM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7A34 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dy2V4Pr2u83-ANpjVMPvEGUg44Aoq_OUnsTzL9ty_Ypqnetmu8E2zCDBiwQQo1MkrHzsLsaOn2Df0MCHzeSA1HxC1USc55RnkLYU_HWjNKELvVZ9w3-EOZ3hS5TXmMAPayNRNkw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F3F3 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dzYtFM2KnRS7vtOZwJx9JW3NsSuamg-_-8CX2zBB8atVqL-f4Fj3dBj0cQ7kg8bfkvOmZl_zU50azldLUxv0UYOiMN8nq6az46LJCYwLbXyIXXsFqCdDT0Cna7RtiMAFq9b7UaS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6270 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dyu-KDYiQjmrzsOv5XKYtVCe8iyczSnjMGwhCVgBCRQWv8Mt4EJlQuFtZHNmH_UpGZ3YfqXI8wSf1qD0EnaVbFp_V5XW8BVbE9FAIXTGBSgwT7pSedo4jIMNkVP735lFcSx9r0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4F9D 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dwbo6WmQHoWlTRjvl8xjhThARiuHjrJTFnLvW401gQGqo5l-v_mvyxalZNXxqrK1tEiCeIA7setQvHHCv6yjgIaYYVK03C5tQU7SdUm7MtyjRyyfU-WtWZY7sfwNLyTApvOZk0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F8EA 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dwxP2r0VzVZJOiHaYWOT5pF7hV52_dbHqHy9vN6mbVgYQUfGwlDe4hTClZuL6AKr1UmECAGRl6UZ3Hh9FrbY6HOjSs_TOChMvEfR0ll9nRYrWFSXgLknoDBsf2CtcqMy9hBVL4i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
error_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F817 		450 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/error_grey600_24dp.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/video.g?token=AD6v5dxOziquq0qY23ht3patikEdWb-M4mcdu5vwv_9MvMME7iLKK229_DmigxG4BnRjjLWDdftCAlLeIaNMLHIf7Fj26cKz4w1KDxVLf4xTHEp9J25i9Rh72nnBQBwgmKNa-rKM0G3V
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:46:34 GMT
x-content-type-options
nosniff
age
406812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
450
x-xss-protection
0
last-modified
Fri, 08 Nov 2019 08:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 21 Oct 2022 13:46:34 GMT
integrator.js
adservice.google.de/adsid/ Frame 7893 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7893 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2C73 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223577&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805556&bpp=1&bdt=946&idt=829&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2177627242792&frm=8&ife=1&pv=2&ga_vid=901358038.1635230806&ga_sid=1635230806&ga_hid=1652268948&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062422&oid=2&pvsid=2143231000418624&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.kkk5w0qsuaga&fsb=1&dtd=835
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223577&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805556&bpp=1&bdt=946&idt=829&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2177627242792&frm=8&ife=1&pv=2&ga_vid=901358038.1635230806&ga_sid=1635230806&ga_hid=1652268948&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062422&oid=2&pvsid=2143231000418624&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.kkk5w0qsuaga&fsb=1&dtd=835
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Oct-2021 07:01:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:46:46 GMT
cache-control
private
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ Frame BAB5 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
integrator.js
adservice.google.de/adsid/ Frame 9C7C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9C7C 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 944E 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=980219931&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805589&bpp=4&bdt=955&idt=820&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2600376283715&frm=8&ife=1&pv=2&ga_vid=1399544675.1635230806&ga_sid=1635230806&ga_hid=135499769&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=44752094%2C31062944%2C31063260%2C31062524%2C31063139&oid=2&pvsid=2094331154805026&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.wnamiar7qjok&fsb=1&dtd=831
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=980219931&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805589&bpp=4&bdt=955&idt=820&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=2600376283715&frm=8&ife=1&pv=2&ga_vid=1399544675.1635230806&ga_sid=1635230806&ga_hid=135499769&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=44752094%2C31062944%2C31063260%2C31062524%2C31063139&oid=2&pvsid=2094331154805026&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.wnamiar7qjok&fsb=1&dtd=831
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Oct-2021 07:01:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:46:46 GMT
cache-control
private
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C14A 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b10f796cd4fd81dbb1a7d9c96e7e661dcc52019930b64f4e4da9c7e22646b823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 946 of 1000 / last-modified: 1635199591"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27204
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C14A 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35996
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41babc4b537181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame C14A 		16 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205513
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKFsoTSEklHt3LpyS3apa3aXqxJFAFHe2pbuB7IfPTXd9OIVINWlFgY1BRiBjHT46E8IoCPEISVJ4R3DoXTlJ1DHQ6DVwpbOHNUKp1JodDIp5aPqtLd94vJ33lgMeYI6vB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41babc4a88faea-DUS
async_usersync.html
acdn.adnxs.com/dmp/ Frame FE32 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=3976595427479291674
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A091 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=3976595427479291674
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8143 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=3976595427479291674
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2309 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=3976595427479291674
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ Frame C4DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C4DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C8DB 		603 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223576&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805462&bpp=1&bdt=888&idt=1027&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=6996386346182&frm=8&ife=1&pv=2&ga_vid=210503027.1635230806&ga_sid=1635230806&ga_hid=809567159&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C31062525&oid=2&pvsid=2546505396439370&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.j3k40wr1ue8r&fsb=1&dtd=1032
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223576&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805462&bpp=1&bdt=888&idt=1027&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=6996386346182&frm=8&ife=1&pv=2&ga_vid=210503027.1635230806&ga_sid=1635230806&ga_hid=809567159&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=44752093%2C31062525&oid=2&pvsid=2546505396439370&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.j3k40wr1ue8r&fsb=1&dtd=1032
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUmnbIPk0Xxbd5lWkPqfqSxYu_JoV52WYua9XwsyToB5tL0VasaOxUceAKE7bwA; expires=Sun, 20-Nov-2022 06:46:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:46:46 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ Frame 7260 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7260 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CFCD 		603 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223581&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805926&bpp=1&bdt=1276&idt=580&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=1544734014085&frm=8&ife=1&pv=2&ga_vid=1837983081.1635230807&ga_sid=1635230807&ga_hid=351039452&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063261%2C31062525&oid=2&pvsid=3761144809957779&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.gtufp1rt4llv&fsb=1&dtd=599
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223581&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805926&bpp=1&bdt=1276&idt=580&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=1544734014085&frm=8&ife=1&pv=2&ga_vid=1837983081.1635230807&ga_sid=1635230807&ga_hid=351039452&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063261%2C31062525&oid=2&pvsid=3761144809957779&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.gtufp1rt4llv&fsb=1&dtd=599
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
IDE=AHWqTUnFdN5cjo8N6RUVtbz1ZaHLhdBmvIsa47F-CxfvOxLSJ1POw-FvK9jbni_bqYU; expires=Sun, 20-Nov-2022 06:46:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Oct 2021 06:46:46 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ Frame C14A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C14A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8E07 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223580&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805935&bpp=2&bdt=1279&idt=598&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=3102704846844&frm=8&ife=1&pv=2&ga_vid=939484896.1635230807&ga_sid=1635230807&ga_hid=1399399062&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062525%2C31063182&oid=2&pvsid=3528714001232785&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.q8th962m7ha6&fsb=1&dtd=604
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223580&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805935&bpp=2&bdt=1279&idt=598&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=3102704846844&frm=8&ife=1&pv=2&ga_vid=939484896.1635230807&ga_sid=1635230807&ga_hid=1399399062&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062525%2C31063182&oid=2&pvsid=3528714001232785&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.q8th962m7ha6&fsb=1&dtd=604
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmnbIPk0Xxbd5lWkPqfqSxYu_JoV52WYua9XwsyToB5tL0VasaOxUceAKE7bwA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
integrator.js
adservice.google.de/adsid/ Frame 11E4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 11E4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 03B1 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223579&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A148096%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805490&bpp=1&bdt=910&idt=1060&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=84907730175&frm=8&ife=1&pv=2&ga_vid=67234239.1635230807&ga_sid=1635230807&ga_hid=2096104949&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062937%2C31062524%2C31062931&oid=2&pvsid=507165796166891&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.lboa865wo4uz&fsb=1&dtd=1066
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223579&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A148096%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805490&bpp=1&bdt=910&idt=1060&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=84907730175&frm=8&ife=1&pv=2&ga_vid=67234239.1635230807&ga_sid=1635230807&ga_hid=2096104949&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062937%2C31062524%2C31062931&oid=2&pvsid=507165796166891&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.lboa865wo4uz&fsb=1&dtd=1066
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmnbIPk0Xxbd5lWkPqfqSxYu_JoV52WYua9XwsyToB5tL0VasaOxUceAKE7bwA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ Frame 7893 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
integrator.js
adservice.google.de/adsid/ Frame 9940 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9940 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FA33 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223582&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805531&bpp=3&bdt=927&idt=1036&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=5287322814176&frm=8&ife=1&pv=2&ga_vid=619093451.1635230807&ga_sid=1635230807&ga_hid=219653584&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062937%2C31063261&oid=2&pvsid=1063323530164287&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.2isqynhavrkz&fsb=1&dtd=1040
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223582&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805531&bpp=3&bdt=927&idt=1036&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=5287322814176&frm=8&ife=1&pv=2&ga_vid=619093451.1635230807&ga_sid=1635230807&ga_hid=219653584&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062937%2C31063261&oid=2&pvsid=1063323530164287&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.2isqynhavrkz&fsb=1&dtd=1040
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnFdN5cjo8N6RUVtbz1ZaHLhdBmvIsa47F-CxfvOxLSJ1POw-FvK9jbni_bqYU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 1541 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:46 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b120ab29-bfd5-4719-9df2-2026ded4736b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2021102101.js
securepubads.g.doubleclick.net/gpt/ Frame 9C7C 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122596
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 08:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 11E4 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e6b96fb9f35d81136afe0e19327c54a84adf30b48fad7c5ee9d910662c59fa30
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:46 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f2955f15-4d63-4abb-8293-ccda57060d39
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 11E4 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=507165796166891&correlator=2995610026768378&output=ldjh&impl=fif&eid=31063082%2C31063262%2C31062524%2C31062931&vrg=2021102001&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230806&dt=1635230806611&dlt=1635230804581&idt=2008&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=7t6t6roiuay3&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=67234239.1635230807&ga_sid=1635230807&ga_hid=2096104949&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c294981d52e77b4f57540d3cb6102146c37f100932605283af8feda953138a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10406
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7933 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ Frame C4DC 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
938ec77d8622c766bd53998877ba6826b9420ba614d7f9b95fd888e98c99edfa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:46 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
eb270bfd-d1d6-4eba-a798-681949df9ce5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C4DC 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2546505396439370&correlator=2818338748514276&output=ldjh&impl=fif&eid=31063213%2C31063272%2C44742768%2C31062525&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230806&dt=1635230806642&dlt=1635230804574&idt=2050&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=uigpkripbbvx&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=210503027.1635230806&ga_sid=1635230806&ga_hid=809567159&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8a04e75aa24f06678db6430dc7cd3008236db0553ba6d69bd0f9e365cdb84111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10178
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6F9 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ Frame 8EA1 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
396cdddcf926c2ac943117991f190e50741a31d18f63de44b3234018d5a4c237
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c8ffd27c-be2f-4ec6-91e7-70f47e26469e
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8EA1 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3355200543626438&correlator=2141582133060713&output=ldjh&impl=fif&eid=31063136%2C31063272%2C31062526%2C31063140&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230806&dt=1635230806665&dlt=1635230804566&idt=2089&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=ni0ow58rwl&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1341641798.1635230806&ga_sid=1635230806&ga_hid=276536048&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
31e4ae2c47a3d43e38baf5f07a5f27cdcc36c3f85c5d3ee31931979d6f0d875d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10475
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 071E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
integrator.js
adservice.google.de/adsid/ Frame BAB5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BAB5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 717A 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223587&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805697&bpp=1&bdt=1054&idt=977&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=973025186595&frm=8&ife=1&pv=2&ga_vid=1035855769.1635230807&ga_sid=1635230807&ga_hid=582278695&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063261%2C21065725%2C31062526%2C44748552&oid=2&pvsid=556060901943839&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.fy07vsj8nfkk&fsb=1&dtd=983
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223587&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230805697&bpp=1&bdt=1054&idt=977&shv=r20211020&mjsv=m202110210101&ptt=9&saldr=aa&nras=1&correlator=973025186595&frm=8&ife=1&pv=2&ga_vid=1035855769.1635230807&ga_sid=1635230807&ga_hid=582278695&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31063261%2C21065725%2C31062526%2C44748552&oid=2&pvsid=556060901943839&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.fy07vsj8nfkk&fsb=1&dtd=983
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnFdN5cjo8N6RUVtbz1ZaHLhdBmvIsa47F-CxfvOxLSJ1POw-FvK9jbni_bqYU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:46 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame E8A7 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:46 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
570d80f0-06d2-42f4-80cd-94675d664e78
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 70AD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=3976595427479291674
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 646F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
icu=ChgIzYVEEAoYBCAEKAQw1sjeiwY4BEAESAQQ1sjeiwYYAw..; uuid2=3976595427479291674
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:48 GMT
Date
Tue, 26 Oct 2021 06:46:46 GMT
Connection
keep-alive
Vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 2E73 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c7228e8c18366eb7a1a9fe2d4ec1406b40223f30ddc1de468b32237bf326e0f1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5e0b1c17-e86e-4ae6-9238-84c5077e065f
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2021101901.js
securepubads.g.doubleclick.net/gpt/ Frame 7260 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125444
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
pubads_impl_2021101901.js
securepubads.g.doubleclick.net/gpt/ Frame C14A 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125444
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
async_usersync
ib.adnxs.com/ Frame 63E9 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:46 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f2ce213e-3fa4-4b73-86e7-6739b5b71b2d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9940 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c4d7add0cab9dd1ba2dc9bc31591e9f7f1f1df9eff3a34ff1ffbf0b03359c6ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4c4923bf-7bd3-4458-860c-3daa57d738ad
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9940 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1063323530164287&correlator=134423085400524&output=ldjh&impl=fif&eid=31063136%2C31063272%2C21068030%2C21068766&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230806&dt=1635230806790&dlt=1635230804605&idt=2176&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=k27z98h3olyp&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=619093451.1635230807&ga_sid=1635230807&ga_hid=219653584&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
2bee9a925452c1f4713bbf9b0e20a7b38f5bda0688a7251d40a7e521fd28f941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10761
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B08 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 9E62 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:46 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d4a98fe2-87cf-46b1-a84f-14e976979dc7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame ACD6 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
c92ef7f4dee726ce16783eb291e298ebd77f5ffe00ddfbc3b82427600512f50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1024 / 698 of 1000 / last-modified: 1635199642"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27198
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame ACD6 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35996
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41babe8eeb7181-DUS
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ Frame ACD6 		16 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.40.190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2205513
x-host
adinplay-2
content-length
16
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"5ac4f9a5-10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aS4A0f5ngvVwB666p4m6rUWOiAUlWU8ixzjckMl%2FBPJgPDBgRmzY9N%2BlpQRj3rLbcITDJsEliSBzcs9Ra9rlX%2Ff7lPs70HRTfUC02kn5ckidi1z1TSSKe3joWdRVPmdNCsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6a41babe9c77faea-DUS
prebid
ib.adnxs.com/ut/v3/ Frame ACD6 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
15ed1dacbda492eb508ced36d2a0b0f7ba0c0ada7990e564b38e60fc16a852ae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:46 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e8090005-ffa9-4dc7-a196-2de380608237
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame BAB5 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ceb0e23a140ca8d615cccb1abdbc2bdad2ec66f96ad2ab32ba73aa981e560c67
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6d6fb2aa-be7c-4356-80b6-550b8ef91c2f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame BAB5 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=556060901943839&correlator=2514713291760367&output=ldjh&impl=fif&eid=31063263%2C21068110%2C21065725%2C31062526%2C44748552&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230806&dt=1635230806861&dlt=1635230804643&idt=2200&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=nrykcl6g968a&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1035855769.1635230807&ga_sid=1635230807&ga_hid=582278695&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3c5e218316fa5c99201e30bdfe9c3e5044a45dcb060e14fa12d026a48a53d740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11534
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADD0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame ACD6 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211026
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
35996
x-jsd-version
1.0.1141
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69c-IbAjCTPPADJ70cCO1b/fgs4OmD0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a41babf681a7181-DUS
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ Frame ACD6 		270 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99003
x-xss-protection
0
server
cafe
etag
2748601908783812869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 06:46:46 GMT
container.html
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1EE1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DAE0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame FE32 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
00c3b971-079e-4ccc-8090-df06c63cb54e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A091 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1bbd2612-6f56-4567-b453-0b758d6e4f99
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8143 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ef4cd4c4-538a-4c94-bd3d-75b5bb74ac38
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 2E73 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2E73 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2E73 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2261141832269456&correlator=3267448752367882&output=ldjh&impl=fif&eid=31063135%2C31063254%2C31062525%2C31062663%2C31063183&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26FC%3D1%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807052&dlt=1635230804559&idt=2474&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=9aksqrevj2yy&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=75252885.1635230806&ga_sid=1635230806&ga_hid=672280154&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e1f3df0344bff995d8fac523f87240b8a08e8675925438d3f3ef785e414141cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10376
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F84 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 2309 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a4e0ad47-318e-4e07-be7e-07042a327189
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F72C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0BE9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYBiAGKAYw1sjeiwY4BkAGSAYQ1sjeiwYYBQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 7893 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
45fde59e6c3998939e2171898db21d8af9c7cdfd260bc38722595efffaca032c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3781aabc-d61c-4cea-a1bb-f3854453dd36
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 7893 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7893 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7893 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2143231000418624&correlator=4230062483369195&output=ldjh&impl=fif&eid=31063272&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807109&dlt=1635230804611&idt=2489&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=2elmy55f0sq6&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=901358038.1635230806&ga_sid=1635230806&ga_hid=1652268948&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0d49a0aaa894d807789c575f995630a47178c2ffc42a02429356a3ced3a73b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10404
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 48C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ Frame 9C7C 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9614f6a4d52eaa5bed3bf717516848ef92fb3dadc5290a3135d33cf13a596156
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fe5933c9-de32-4cc5-91ee-f50645d5fcc1
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 9C7C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9C7C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9C7C 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2094331154805026&correlator=290537149559525&output=ldjh&impl=fif&eid=31063136%2C31063214%2C31063263%2C31062524%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807144&dlt=1635230804634&idt=2485&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=212t0ckpslhx&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1399544675.1635230806&ga_sid=1635230806&ga_hid=135499769&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
07f8f576c1548b90cfe75b37d60529274db1e2fa24158c2ebd7984945b66e70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10321
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B8B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8901 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYBiAGKAYw1sjeiwY4BkAGSAYQ1sjeiwYYBQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
pubads_impl_2021102001.js
securepubads.g.doubleclick.net/gpt/ Frame ACD6 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
122914
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Oct 2021 06:46:47 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4D1E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYBiAGKAYw18jeiwY4BkAGSAYQ18jeiwYYBQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
container.html
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3C16 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 70AD 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a47d5bd3-2470-4394-a031-4fbb08888df3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 646F 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0cc7c840-bb20-46ba-b712-28e8abaaf969
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3729 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame E07A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYBiAGKAYw18jeiwY4BkAGSAYQ18jeiwYYBQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7534 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYBiAGKAYw18jeiwY4BkAGSAYQ18jeiwYYBQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C53E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYByAHKAcw18jeiwY4B0AHSAcQ18jeiwYYBg..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame C14A 		19 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f1574cd3fb6f72dc56d5486ada7e7452397d5fa6410139fd04dcfc7210a63b55
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f9638d73-0403-404d-afef-436b1f2b7f0d
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame C14A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C14A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C14A 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3528714001232785&correlator=3220500911508796&output=ldjh&impl=fif&eid=31063136%2C31062525%2C31063182&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807362&dlt=1635230804657&idt=2682&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=upezao7vdz4y&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=939484896.1635230807&ga_sid=1635230807&ga_hid=1399399062&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
96e7caa17c222a2ae2c3c02399c69e3017120cbf77f389d4e78b7142c062a985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9634
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5617 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ Frame 7260 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a905ccf5e6206eef0947abb5e92845a131418a008ec427eab88c8657d41886df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e14f2bef-b5fb-4879-946b-0e19566d8d8a
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 7260 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7260 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7260 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3761144809957779&correlator=1025054788405212&output=ldjh&impl=fif&eid=31063254%2C31062525&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807388&dlt=1635230804650&idt=2724&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=53xw8gmgxbob&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1837983081.1635230807&ga_sid=1635230807&ga_hid=351039452&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9b81223c9ae18f233d049b6653984c1a40d37574ffb18f3093faed9f89de3dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10162
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC39 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A465 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DDF9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1021 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYByAHKAcw18jeiwY4B0AHSAcQ18jeiwYYBg..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
container.html
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAE3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
adview
securepubads.g.doubleclick.net/pagead/ Frame 1EE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVEWXVqR3YazQKP2i7_UP2vSh4AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBN8BT9CCV7OsUuoUoWL2L4fKmW6jLeLtVXfhLg6edSq2O2z6SVe7JnzZNoIy-e81dDKF4fzy6FBQ5a2dwFPtaLGwAkTUUQDq0pBYkKGQBDg4z7U-SgUdYnmbiaw36ubW1_fKzmX-lVxRZn7_g7B8VZi70fZLrTKH8gpAP9_CV3G2noBP8HbihRnfvsSzRawT5o6Ph9__keFLYuacpKKjZSSWhKi4ih3eY0v0-E4hgVYUP76EXtZvpJZ2Jd5r_RJ8Yvnw7_04HP6msQIC6rV7o6JZ_0O__edqqdJG_zH9f1Nw3OAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=IIMGg6jRAao&uach_m=[UACH]&cid=CAQSKQCNIrLMR7MwqASCz3Yx6DICaW2BxjJ5q5bP5wwAd7el8ajd9S5B4lPJGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 1EE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1ja43ms7006dkm4jebwdqf45zms1hcv0daqbh3y7gmkq53e8skk861d9je6bvsbk9v65hsqqgdpq0mayk0mpyatck4pq9sj70bqev1rjgqt5sqc78f1s19adxmr388jknx2dnes0k7knmddjeh5cx0a1ke0htqjw29eef6y3m6jap5mmt7dh17vye30a0md1npgfr9g2t5v4hg0z9t2ebemq01nq0myarvf5272h7em4fvxwwztqk2v95bfh99bdzx3bybvq0derxaqhdxpvsn6fa1kfa426jrbna2p9b1mrwe13094d5jtz0q7c4qzznz31t8grxw32qc775dv3n915rmj42vq4vy9vahbh289sbpy1gk3sq7z4fcfn9de2hmxz5zp3hde1yfs3&b=YXekVgAKKCwIu9F9AAh6Wtpk4t9YSK_ToMTLJA
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 0A8D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jz13zh2xcmjryz5qmm1dwkxzb7e6ca1n6xjk78w134dyet66vg33ygv4yyq3e1ar7bsfqzgpjr3b7m0xw9ge8bjdzr1at434tyz1ckv27ar2yjs7s6z1gn2e2rmzzfvsqy4f2m6w0bvrgn07mmar683d29pvp5rnw4k003tm65nsm3w0hwvnrd084hvwjhf3tvhthhnak3zg6pweqzgccz0pdqtm20ksnk4qc732enzka7avyrq9y0hkqjmndwd7789nshva3dnyjrsarcvrs485xqmx9j38wpwee20w734vfd3r4kr4nyz6nexh0340b7cmzpcpgyhaamdwces1j7z655mxx3c71gd45cndk1j72hjp355ak99zj0n6dpt959csvrsje2v4wj4xw1vcr2ytztk2sp67bxp6yh5zjjradp564ka2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqGAOVqR3YazQKP2i7_UP2vSh4AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9CCV7OsUuoUoWL2L4fKmW6jLeLtVXfhLg6edSq2O2z6SVe7JnzZNoIy-e81dDKF4fzy6FBQ5a2dwFPtaLGwAkTUUQDq0pBYkKGQBDg4z7U-SgUdYnmbiaw36ubW1_fKzmX-lVxRZn7_g7B8VZi70fZLrTKH8gpAP9_CV3G2noBP8HbihRnfvsSzRawT5o6Ph9__keFLYuacpKKjZSSWhKi4ih3eY0v0-E4hgVYUP76EXtZvpJZ2Jd5r_RJ8Yvnw7_04HP6msQIC6rV7o-Bb8tFoKGAqYVUOaeu07aFJyISqSeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3z0_L-gk-2TBChM9Zv4oQxkqGCjA%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8517df26f4879185698dfce061af13f661f021721108590a3e3a68f234fcc3fe
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1jz13zh2xcmjryz5qmm1dwkxzb7e6ca1n6xjk78w134dyet66vg33ygv4yyq3e1ar7bsfqzgpjr3b7m0xw9ge8bjdzr1at434tyz1ckv27ar2yjs7s6z1gn2e2rmzzfvsqy4f2m6w0bvrgn07mmar683d29pvp5rnw4k003tm65nsm3w0hwvnrd084hvwjhf3tvhthhnak3zg6pweqzgccz0pdqtm20ksnk4qc732enzka7avyrq9y0hkqjmndwd7789nshva3dnyjrsarcvrs485xqmx9j38wpwee20w734vfd3r4kr4nyz6nexh0340b7cmzpcpgyhaamdwces1j7z655mxx3c71gd45cndk1j72hjp355ak99zj0n6dpt959csvrsje2v4wj4xw1vcr2ytztk2sp67bxp6yh5zjjradp564ka2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqGAOVqR3YazQKP2i7_UP2vSh4AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9CCV7OsUuoUoWL2L4fKmW6jLeLtVXfhLg6edSq2O2z6SVe7JnzZNoIy-e81dDKF4fzy6FBQ5a2dwFPtaLGwAkTUUQDq0pBYkKGQBDg4z7U-SgUdYnmbiaw36ubW1_fKzmX-lVxRZn7_g7B8VZi70fZLrTKH8gpAP9_CV3G2noBP8HbihRnfvsSzRawT5o6Ph9__keFLYuacpKKjZSSWhKi4ih3eY0v0-E4hgVYUP76EXtZvpJZ2Jd5r_RJ8Yvnw7_04HP6msQIC6rV7o-Bb8tFoKGAqYVUOaeu07aFJyISqSeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3z0_L-gk-2TBChM9Zv4oQxkqGCjA%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac36b7d4c98-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 1EE1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BFFC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 1EE1 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 1EE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFtFH8KwzNLD_A-tilkizxlb66br5P8utAI8xoiBflTAEdX6spikBEup_N1vVilvezPNWojZ8pb_q9aVMdrElAkpRAYw
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1EE1 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1EE1 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
integrator.js
adservice.google.de/adsid/ Frame ACD6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ACD6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 880B 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223583&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230806953&bpp=1&bdt=2167&idt=585&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=5831082390859&frm=8&ife=1&pv=2&ga_vid=897778963.1635230808&ga_sid=1635230808&ga_hid=1029041341&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062422%2C31062525&oid=2&pvsid=3264558835570243&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ebhvylb4scx7&fsb=1&dtd=592
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3436491155956402&output=html&adk=3046330955&adf=3748223583&plat=1%3A147968%2C2%3A147968%2C3%3A32%2C4%3A32%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635230806953&bpp=1&bdt=2167&idt=585&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&nras=1&correlator=5831082390859&frm=8&ife=1&pv=2&ga_vid=897778963.1635230808&ga_sid=1635230808&ga_hid=1029041341&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1638611162&scr_x=-12245933&scr_y=-12245933&eid=31062422%2C31062525&oid=2&pvsid=3264558835570243&pem=550&top=https%3A%2F%2Fpinoytambayansteleserye.su&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.ebhvylb4scx7&fsb=1&dtd=592
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnFdN5cjo8N6RUVtbz1ZaHLhdBmvIsa47F-CxfvOxLSJ1POw-FvK9jbni_bqYU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Oct 2021 06:46:47 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
adview
securepubads.g.doubleclick.net/pagead/ Frame DAE0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C80-nVqR3YdSqKsGVrAS6ram4Canui-JknZmbuP8IwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDfIAQmpAidaX-tl8Xs-4AIAqAMBqgTgAU_Q76li_liNZdeKrZmHyJrX_ea5yCZA5LnbaRN_R-rIlk5skT3loXTeVX4eEGc2w7XnDpRVwq3IYtZsEb7E0h3Ri6psGmefErbTexCNsCfHkkAm6duKbCsGluUDSKdGUP91VvoVOSYdVr6J54UaeWvNuLaoGNJxOWJ-HuIRd_HXjcwHjBmutqnSIKS4RwG35jg9M0IC5QsrS7It5T4BCd82LfxwSdhD97hs4MZ9bZ5LPcgF8FfGY5ijSgJfjFHrQtRxK1h8TcaTOlAyAbsCTRmsyJZckvIBEL8QYuiJ1tue4AQBgAaqocajpIb08yOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=q5NAJIw05x0&uach_m=[UACH]&cid=CAQSKQCNIrLMhrrCcJowglxEFhjWyS_0Qrl7Ay3aNMMI-blhKuNtN3VYqAPaGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DAE0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DC38 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DAE0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame DAE0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQleYvrHAEA3stJo1AB0f-VGn0nWOIpV2MGDUH5kw0Mzh-XdoxpN1oi78eT0dv4EDLFKFrYhRubEmHplGvPrLFJrnr8Lg
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DAE0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DAE0 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
163334328714.05.jpg
cdn.theadx.com/winwords/671/56510/ Frame DAE0 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.theadx.com/winwords/671/56510/163334328714.05.jpg
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.186.14.221 -, , ASN (),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
43c8b22454fed63fab8f8b06a78f6c73cf1c25189fbbff27506f758d85191e8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
last-modified
Mon, 04 Oct 2021 10:28:05 GMT
server
nginx/1.12.2
etag
"615ad735-1b951"
content-type
image/jpeg
expires
Tue, 02 Nov 2021 06:46:47 GMT
cache-control
max-age=604800
accept-ranges
bytes
content-length
112977
x-proxy-cache
HIT
ixc
app.theadx.com/ Frame DAE0 		35 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.theadx.com/ixc?rid=7d2548f0-3628-11ec-9052-470924820934&time=1635230806784&sp=YXekVgAKlVQKiwrBAApWutKkwDf0RnmJM4BQLQ
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.207.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 06:46:47 GMT
Cache-Control
no-store, no-cache
X-XSS-Protection
1; mode=block
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame F72C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVys4VqR3YdbhK8vlgAfprqr4CpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE3wFP0JJkxZNEEF01oxKY9ORRd-HvIGJnLmA7VBrS55eDJZ1HZj1mxgThz-eZ-BH2k8dBk9_4oOK1HlPH_DLhX8E0Okb2P9ijH-bwe4hZQ05DygYh_-x9vT1lc8xqTS02cj39R5afAFTTox5LpFX7j2hWmkLwN69EEkRrjsda8oHcbJnNjQL_L7bxke-krz6chJ0-Y4nF5tkp8TAmfdp47zGrz1COqW0APka9uUH2j9ofKN10d5dTkp2EycRAg3mrzeaT6TOQcrq_G90XDqhb9_ag-f7yNpGQSHv2p9J1x1i84AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=Ab4M_xdwzjs&uach_m=[UACH]&cid=CAQSKQCNIrLM8uI3nObi7bc0a0cIG3bgR1XIIuzuRKol8vrhOl4A6-khM2XvGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame F72C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gr84h5v497r4yqb3bf8k4rpngq2h7gke4776wnqr7v6gjmhwhnfpv3bft4mvw3nbtyg7m29cp8fvzex8s1fa9p2vn98mj68pe60p47er7vaya7me2sqgs58jfxeqgkqbcsvd9gkqc1akn3k6vkn7v49mpbjzc9y513ws3kg7ees94njbcp6mnsz9p1g566n60fnevw94jcf4t9530j08zp06t53gfdtjjsj4xq850fx9rgczgd4ntxhkfpsgmfcjct8df8vy7gch2yt0atb6txrg9vj0px6y1sk6q37x6je2rg4v598j484vsr2s08nb5a389ee3dy1r5fxdb6txg7jx2z0r19sj3sp8w1c803n8tpnxx6hrt0880ya8a77d6bvqcyw3343swnt&b=YXekVgAK8NYK4DLLAAqXaWLZrCauUdTjmOVGwg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame FCB7 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kqy7fz016egpbe9p2bk0fnzrjt65pyncnqmx4ey9rs0jck0eaavrrk58m0kekrth2gae6vta9n26tbkqgdh3mz2wr3jvqtsnaadv576ctv23n60mk1t9tr3y7hwrjr3mktzjnaqb74aejet6s9e5zphbhy32btet910fdpyxwpwkzd7c5vfesp48mwk1y7e319ab5fw9ejkjbaye1466q61kghqrhhkwf0wj2y512b0efw959yf56vynths2ve92zdngv20ehshes7t440b4d9d9ff8jsg9j4bz6396ytpkgnbekhnsh7xhj4en8cc3nafenz0n2bcwkbcw47gw87w80a0t7z5z485q5gxxsqbf0ehfv9gymy99hkv5975w5vsp508h8xt4cg7ay3cqhq89bxegryfapjmetqzxwxjf8kfnyy0kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy9zhVqR3YdbhK8vlgAfprqr4CpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0JJkxZNEEF01oxKY9ORRd-HvIGJnLmA7VBrS55eDJZ1HZj1mxgThz-eZ-BH2k8dBk9_4oOK1HlPH_DLhX8E0Okb2P9ijH-bwe4hZQ05DygYh_-x9vT1lc8xqTS02cj39R5afAFTTox5LpFX7j2hWmkLwN69EEkRrjsda8oHcbJnNjQL_L7bxke-krz6chJ0-Y4nF5tkp8TAmfdp47zGrz1COqW0APka9uUH2j9ofKN10d5dTkp2EycRAg3mrzeaT6TOQcrq_G90XDqhbtfStayknsdFYzzNgfZvnNWGoE2fB4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qq-pJMyRY3iK7ImfZoIkDdbeqJQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4685064dc487036d5f1604383df79768b73090e1d9d5a6d26a41c55b645c006f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1kqy7fz016egpbe9p2bk0fnzrjt65pyncnqmx4ey9rs0jck0eaavrrk58m0kekrth2gae6vta9n26tbkqgdh3mz2wr3jvqtsnaadv576ctv23n60mk1t9tr3y7hwrjr3mktzjnaqb74aejet6s9e5zphbhy32btet910fdpyxwpwkzd7c5vfesp48mwk1y7e319ab5fw9ejkjbaye1466q61kghqrhhkwf0wj2y512b0efw959yf56vynths2ve92zdngv20ehshes7t440b4d9d9ff8jsg9j4bz6396ytpkgnbekhnsh7xhj4en8cc3nafenz0n2bcwkbcw47gw87w80a0t7z5z485q5gxxsqbf0ehfv9gymy99hkv5975w5vsp508h8xt4cg7ay3cqhq89bxegryfapjmetqzxwxjf8kfnyy0kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy9zhVqR3YdbhK8vlgAfprqr4CpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0JJkxZNEEF01oxKY9ORRd-HvIGJnLmA7VBrS55eDJZ1HZj1mxgThz-eZ-BH2k8dBk9_4oOK1HlPH_DLhX8E0Okb2P9ijH-bwe4hZQ05DygYh_-x9vT1lc8xqTS02cj39R5afAFTTox5LpFX7j2hWmkLwN69EEkRrjsda8oHcbJnNjQL_L7bxke-krz6chJ0-Y4nF5tkp8TAmfdp47zGrz1COqW0APka9uUH2j9ofKN10d5dTkp2EycRAg3mrzeaT6TOQcrq_G90XDqhbtfStayknsdFYzzNgfZvnNWGoE2fB4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qq-pJMyRY3iK7ImfZoIkDdbeqJQ%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac37ba64c98-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F72C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ACB5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame F72C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F72C 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F72C 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
prebid
ib.adnxs.com/ut/v3/ Frame ACD6 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
8aa724b4e1fee16d0907d9e600270c6d2c5b92b92fee9dfa86739427bb41145b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sorrelma.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Oct 2021 06:46:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
74edffb9-b327-4ec3-bb87-d4132af865e4
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sorrelma.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame ACD6 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3264558835570243&correlator=4288053218134207&output=ldjh&impl=fif&eid=31063082%2C31063213%2C31063262%2C31062525&vrg=2021102001&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=GS%3DYes%26OS%3DOther&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807597&dlt=1635230804787&idt=2802&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=ntyaq8yaj148&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=897778963.1635230808&ga_sid=1635230808&ga_hid=1029041341&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1f2a124b772e2d03edc7e430eeb89c6cdceb6c9a07f67790ffd179eeb01aa651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10946
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 085C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 0BE9 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
12e5dd85-8a22-407f-9d05-0f09a0b937d0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1190 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYCCAIKAgw18jeiwY4CEAISAgQ18jeiwYYBw..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 4D1E 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fef8d26c-a672-4ccd-84fd-1ad7491e6e7d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1541 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c5256f30-b0a9-4709-9b20-0ddf46ef721c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame FC48 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYCCAIKAgw18jeiwY4CEAISAgQ18jeiwYYBw..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 8901 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cd377c9f-87c6-4539-a723-6dd744b829f0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3C16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CE4keVqR3Yb-hM82rgQfRlJ7oC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE3wFP0Bm66OrP0VW8XsoFKpIu2ax3Oob-Kga1dp6pMe-mEiQHMHY9vj-os_oVtdN5n6VOscqA5gC18iLjFWAAiusKHGV_Go_nfI1zAaQcQHmiY0HYEOdcUkW8e0wgutj4XIwNmPdMzs6Wj3O_t287EMiMK1zg34cAOOAblXaewVh6XjK1W7Qa9zi4d6yBbxrpf6f0M92uO-e9xeXW1_Px178VtJ0gBAl95apLXYevFGL6ziTNPRh0qxKvUQNnzInkavdm_xs-yRQxllqXFUYUBBck2VP5G0FO2jov9DWSvK294AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=nOAZIMamcME&uach_m=[UACH]&cid=CAQSKQCNIrLMbG85qOCVBhSdzXxr1xwQz_GBzlcvthmL1pK4HXxOg-DYB0u3GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3C16 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jkygd65307dmysawvf2zdzhjqmyq9chg9xgmk3bw8971g87ge7atxk17ngb2npwfbgp0br27j2kscnqep7t75yg1hxt1837avnnv799ywxde6qs0rdbv440602ys5sabe4q67r77hwntmx2fsvgcy0y8vg0m67c0xd4ch45m46v7aq18vmkw5wyka37ebggwve76v8ygvscy0b2eah0nf2fjkk0fsagc9rx8ry76es4gfgwt4k30zskrfyy6s0rr8y5xqvpkr7bkt6m8qgfx7prh1drvykngfyjmnvfm3vyzt9y5szkrxngs6qsks5jdeyz3t44jnykwngyy0wjmb0hgrh26r4d6j2m4q4b6grmhk04ypecqwt1hatrzkn72ae92337beer9d1p&b=YXekVgAM0L8K4FXNAAeKUS60dssi8rE9rTyqAQ
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 3436 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1k10vft8hdq14q9wkn98gcb4kjsh91vxprp87farzaayqhwkd806mgvan2j3q4mtzr9zvtrvv3qd2q1btjkz9wzyp9fwmwyztbegaqmkxcnnvx6a0n5xchztprq5b0sdzbdqfbda7bhchx9v9nkmhabrrrg2cnn0f44v4q8mfdztrtbz59019q8kst4ndncyaya96q5c53ztwxmkjhz6c67gp2bwbmzp84ez2rc138nekxn205b4kae2dk3e9ctwfazbcnw2zm50b38rwg0n1cey659ffaw8hxxpaq2fme2y64wr5yteysn74sstzdkdgtkwaegrfg0sj2fhdc2jhy5j4brvm4c12vvmrq988xcz5x7qrh2tz9kncv6fc0k25rg6k76wqxmkfe016jd2nm7wcwa7y07qwnk1qvr3tpynbc8fde2vr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2O_MVqR3Yb-hM82rgQfRlJ7oC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Bm66OrP0VW8XsoFKpIu2ax3Oob-Kga1dp6pMe-mEiQHMHY9vj-os_oVtdN5n6VOscqA5gC18iLjFWAAiusKHGV_Go_nfI1zAaQcQHmiY0HYEOdcUkW8e0wgutj4XIwNmPdMzs6Wj3O_t287EMiMK1zg34cAOOAblXaewVh6XjK1W7Qa9zi4d6yBbxrpf6f0M92uO-e9xeXW1_Px178VtJ0gBAl95apLXYevFGL6ziTNPRh0qxKvUQNnzInkavdm_xs-yRQxllqXFUYURhUpS4QsnAGGXXK5LnwATpSpkQ0H4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2CAula5xu4Iz4iCJtvBT2uo80Z0Q%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7957b0f9e5b5b44db55a2ba885dfceeddfae3655eaa533c09058424fab3feda7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1k10vft8hdq14q9wkn98gcb4kjsh91vxprp87farzaayqhwkd806mgvan2j3q4mtzr9zvtrvv3qd2q1btjkz9wzyp9fwmwyztbegaqmkxcnnvx6a0n5xchztprq5b0sdzbdqfbda7bhchx9v9nkmhabrrrg2cnn0f44v4q8mfdztrtbz59019q8kst4ndncyaya96q5c53ztwxmkjhz6c67gp2bwbmzp84ez2rc138nekxn205b4kae2dk3e9ctwfazbcnw2zm50b38rwg0n1cey659ffaw8hxxpaq2fme2y64wr5yteysn74sstzdkdgtkwaegrfg0sj2fhdc2jhy5j4brvm4c12vvmrq988xcz5x7qrh2tz9kncv6fc0k25rg6k76wqxmkfe016jd2nm7wcwa7y07qwnk1qvr3tpynbc8fde2vr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2O_MVqR3Yb-hM82rgQfRlJ7oC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Bm66OrP0VW8XsoFKpIu2ax3Oob-Kga1dp6pMe-mEiQHMHY9vj-os_oVtdN5n6VOscqA5gC18iLjFWAAiusKHGV_Go_nfI1zAaQcQHmiY0HYEOdcUkW8e0wgutj4XIwNmPdMzs6Wj3O_t287EMiMK1zg34cAOOAblXaewVh6XjK1W7Qa9zi4d6yBbxrpf6f0M92uO-e9xeXW1_Px178VtJ0gBAl95apLXYevFGL6ziTNPRh0qxKvUQNnzInkavdm_xs-yRQxllqXFUYURhUpS4QsnAGGXXK5LnwATpSpkQ0H4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2CAula5xu4Iz4iCJtvBT2uo80Z0Q%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac41bd8426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3C16 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 41EC 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3C16 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 3C16 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyjYbdsV_XTwGUKBdLAmHWvaPmetYnr9O-t_6HlO5PGc15bxknXuuCQ0B21y56CpGjGTXKE3sUNBZmDbgSiPN1_kTaNg
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3C16 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3C16 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
dr
as.ad4m.at/ad/ Frame 75F6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kgd5ar9t1qfq84satfrhzx0ztw8gkg8rx6j1hz043ykb0xjndnfv341c2qqsbcadhexr7dgaqbmq057tz116a04znkg66cq7b9570efm2da5hezzjmq2d3kwxhhw91d19tj7e4qnbpftgydd8g7wzzsavcaq1ee6hz94t2e626r1vys8zex7me7jz7hh86spgrb4er7r7c39ez31ekp7cd40f6eewtnjf1q39b0nw87m8nasj2725srhd9apdvbp61a3b87vf7sbz70jkx6bez84ada5swgyx3v8ecmzf3tvfj19sjpsg7rhwncqfbv920sgj94m6nvc6h0w7njzwdfsezknn1x256w4v2mcrn437dq9jzqsjgftkwyc8wbcpemkp4xvjrnwdc3rh87q6f4wh7pwkh8z348c3wkg6f27ccjz94gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDkpdVqR3Yeb2N-rO7_UP67qk6ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CLz3T7jhPROwYIB7xf7mWZbEokXOXH9mDRNKfJQbr8-CSq9qzWVgiOIEjefdBxLOVFPyYAy437YSJqQ4sMCAchNs-sAYPQXpBdLZzkBZOJ2pi2nJZ95z-ad6S28gp-614MbhF-MIXbUY8HIPAjcm1xCNCAoTlAK8ts9rj3qArp4fIHqjJ0AS-BB2DNp9SqfNRlRs26Nmaxn0-70QDjdkFCzBBWNAKEdAw2-nWZ1_qhtQXiR4DlHdu-GrUoZ9hyL_qcGRFQYg71deTuudh_4MTpJR7W1Vz80lrQwguhg-DQheAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vS1U8fFm0SOXJ4NQjQ3eauC1jpQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c5bc6576b8ef55896b5eb8fcbafb1b6beaa00e33331db90bc56a93c4a0fed94
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1kgd5ar9t1qfq84satfrhzx0ztw8gkg8rx6j1hz043ykb0xjndnfv341c2qqsbcadhexr7dgaqbmq057tz116a04znkg66cq7b9570efm2da5hezzjmq2d3kwxhhw91d19tj7e4qnbpftgydd8g7wzzsavcaq1ee6hz94t2e626r1vys8zex7me7jz7hh86spgrb4er7r7c39ez31ekp7cd40f6eewtnjf1q39b0nw87m8nasj2725srhd9apdvbp61a3b87vf7sbz70jkx6bez84ada5swgyx3v8ecmzf3tvfj19sjpsg7rhwncqfbv920sgj94m6nvc6h0w7njzwdfsezknn1x256w4v2mcrn437dq9jzqsjgftkwyc8wbcpemkp4xvjrnwdc3rh87q6f4wh7pwkh8z348c3wkg6f27ccjz94gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDkpdVqR3Yeb2N-rO7_UP67qk6ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CLz3T7jhPROwYIB7xf7mWZbEokXOXH9mDRNKfJQbr8-CSq9qzWVgiOIEjefdBxLOVFPyYAy437YSJqQ4sMCAchNs-sAYPQXpBdLZzkBZOJ2pi2nJZ95z-ad6S28gp-614MbhF-MIXbUY8HIPAjcm1xCNCAoTlAK8ts9rj3qArp4fIHqjJ0AS-BB2DNp9SqfNRlRs26Nmaxn0-70QDjdkFCzBBWNAKEdAw2-nWZ1_qhtQXiR4DlHdu-GrUoZ9hyL_qcGRFQYg71deTuudh_4MTpJR7W1Vz80lrQwguhg-DQheAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vS1U8fFm0SOXJ4NQjQ3eauC1jpQ%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac41bd9426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3729 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3DAA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3729 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 3729 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKr3W6r6dRKaYItEOrzWVWy8RC45FMYq9OWv8-hR_NA99kiHe3eRUzyaPiuha2h3Ua6L8vax_YS1wdXJLakvC1FBDiFg
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3729 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3729 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
async_usersync
ib.adnxs.com/ Frame 7534 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
318f4db5-77c9-4dab-85e1-eadcbda18b37
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C53E 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
838792bd-6400-4b2d-aa7c-4c35228052e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E07A 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9b851952-660e-4af2-ab0a-0edb19bb744c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D75A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
adview
securepubads.g.doubleclick.net/pagead/ Frame A465 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQXBMV6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBN8BT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIev1qCwSn-137_1B7rA9pjrv65uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=k5D9LEGUtq0&uach_m=[UACH]&cid=CAQSKQCNIrLMohLecXLR2fwjwvBSkSKIwymPcFkXMK4WiNLNkgU0DwvDDM_1GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame A465 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gzb75ys4twy8rxkgx3wph8zpgff0fbgqpch04qjbeg2fwcxd6bntjtq5qgn1dzf2r81be8ewvr000ckk2an6m8ay1291mc1pn18w0tjde0w7e90mgnjfrn8c9we744yem9844xmjb2we4sbssmn515018m73hne8tts6g8ygqxrpnam2j465mwxxya5xdsa5rb9gh8kk8qmp6ra6f11ejxxnrshm0dmqs299qxtvhrq62tm3madye8pta47sye7dbra9gs70npm3phpa4tcpv8tyc4zwx307dvbc7pyck551gn6z7q266z38z15jef40gbcgpb7w0gp5xrwvw7sj5ym1hf26ex36smnxf99d3xvxehgk92qefqrbfhy8k2tq7xpb6jgse3xs2aw&b=YXekVwABlqEIEeH7AAjMpStXM1HYA-yXgol-PQ
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame AAA9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59364725933cdef62ac2c898d9584732be838248862615e2490046b1cce79ca2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac49d25426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame A465 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4AA8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame A465 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame A465 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXT0C1s6ie3fJ9D9A-ftkAxn15ErKJCXUJwc1yWuBjHsh4FB3KkjI5DVDT1Vss8ILo4F4jN6lS31O_ixJgBKltvC_ucg
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A465 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A465 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
async_usersync
ib.adnxs.com/ Frame E8A7 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
073604ae-c313-453c-8748-909b8ad52199
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D073 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 1021 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8f74297e-5f59-4fe1-8e9b-7d57b0af3468
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DDF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqUU2V6R3YcTxCfPg7_UP65O_6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBN8BT9AErV1Ql1r9jSmzKwuoUmFqfykbCvBjnJHMaBbum72TL3ZHxWaAMQN98Q5wSI0FhZ329DPvUhsb_ze_fA7xqZF0MHEKnNtCuo1F2z2nFpHhx3YuHTv8PKth6-EvAgmivOnAx-oukRtcFTVyOaA-o4VatpgNLuJ1S6qgaKWzfeVvdMb6LI9oVj0SrCe5IWrD-UVy5L3QjlkS7RB9Arz7OeZI421aQFrVhaokgtRYbzNamt2bId4ogNLhD9FjZPU1KIg_35tN9UDuC68p_BrvON1-i9d5okMFC0qj5ZQDA-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=f0BDf6rQmyo&uach_m=[UACH]&cid=CAQSKQCNIrLMqi4YdjNwBIN9OCR9fc4VLzgr08P37RV8lHC_JM8fzDI8kAe9GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame DDF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gf03bp0stf7r9m1486ddns6p2cez66ccb6jad4b3aqcny2jbwwz5gzpst7qphdtk6xp96fvmmhxtf0ve96jf6hww4nkb3gpddfs3sj8h1h7q8ky8gtj71d5kb5k206rkcnrkyvfs59e4nzqe1xtp0h6t7jrcxfh8pyj0t0hhcr218xm5w70qy0q0znkh12yxzkmnsf1mp8vaa6r9mm7t1knxendrjb79afptfk70dvxrda0pag1myt2r0q2wqffq1rbg8paa26ye57ksn8dz1hwvng9yfc1sv7gtjy8j2f4ndvzff8dnbr6vtmr2xfv1kb97c9b8x7weca2gwswd4wrm4y2vtnj225ceqvb4r8dpq2kx48ems9p479agyqrazgdp702d1447mqy&b=YXekVwACeMQIu_BzAA_J638kZ5kUHSWtgOMBOQ
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame B944 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kgr571q15v7a7m59qy5ddyk7ce9dt86px5grcbe5sef7s6jgqq9hxm8a2wt1p7y30yjkjd65pgwmdd0xyc3yvyh24s764srhqzv7yzmefk7paj3z7hd2kac0xpxsjkzbpv2sa0cayp9mc64x47njjdz4ma2svqmksegym8wn03djdmq6bejh108jvz9seev7340mb114rhj6gft0mvvgqh3rdarmy2nxbavz78z6gp1yzybfedrtedje5gnx4wzjqwvvkjqzdp60zvv0c4nqrev2f6074yqy7sswxgg58r3z60djkyjgh8xarn2s5byh50s9c28ch0wc744cxt7ekz92rnd2jhe8wtax5kktq9hbwtj0g5d7fwjd1wkeqeywe13tgf2xxxb3xxvhjwhhaqd81gx46xyd0j1cwgytyk28n3696450&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChp_AV6R3YcTxCfPg7_UP65O_6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9AErV1Ql1r9jSmzKwuoUmFqfykbCvBjnJHMaBbum72TL3ZHxWaAMQN98Q5wSI0FhZ329DPvUhsb_ze_fA7xqZF0MHEKnNtCuo1F2z2nFpHhx3YuHTv8PKth6-EvAgmivOnAx-oukRtcFTVyOaA-o4VatpgNLuJ1S6qgaKWzfeVvdMb6LI9oVj0SrCe5IWrD-UVy5L3QjlkS7RB9Arz7OeZI421aQFrVhaokgtRYbzNamt2bId4ogNLhD9FjZPU1KIg_35tN9UDuC68p_FjtNU-pXlA5asRNnZDqd2Y6F_MfPeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZFhRIXNzi9EZrE1ERMKxdhMM74g%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611be0baf2ea50053918643c592afe12a3ba905c564e0841f0dba8154d1d9787
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1kgr571q15v7a7m59qy5ddyk7ce9dt86px5grcbe5sef7s6jgqq9hxm8a2wt1p7y30yjkjd65pgwmdd0xyc3yvyh24s764srhqzv7yzmefk7paj3z7hd2kac0xpxsjkzbpv2sa0cayp9mc64x47njjdz4ma2svqmksegym8wn03djdmq6bejh108jvz9seev7340mb114rhj6gft0mvvgqh3rdarmy2nxbavz78z6gp1yzybfedrtedje5gnx4wzjqwvvkjqzdp60zvv0c4nqrev2f6074yqy7sswxgg58r3z60djkyjgh8xarn2s5byh50s9c28ch0wc744cxt7ekz92rnd2jhe8wtax5kktq9hbwtj0g5d7fwjd1wkeqeywe13tgf2xxxb3xxvhjwhhaqd81gx46xyd0j1cwgytyk28n3696450&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChp_AV6R3YcTxCfPg7_UP65O_6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9AErV1Ql1r9jSmzKwuoUmFqfykbCvBjnJHMaBbum72TL3ZHxWaAMQN98Q5wSI0FhZ329DPvUhsb_ze_fA7xqZF0MHEKnNtCuo1F2z2nFpHhx3YuHTv8PKth6-EvAgmivOnAx-oukRtcFTVyOaA-o4VatpgNLuJ1S6qgaKWzfeVvdMb6LI9oVj0SrCe5IWrD-UVy5L3QjlkS7RB9Arz7OeZI421aQFrVhaokgtRYbzNamt2bId4ogNLhD9FjZPU1KIg_35tN9UDuC68p_FjtNU-pXlA5asRNnZDqd2Y6F_MfPeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZFhRIXNzi9EZrE1ERMKxdhMM74g%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac4edd4426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DDF9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9B0F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DDF9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame DDF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwh7x0sVPsozukkHSXV94l9TIBbb7Qsfjow_pJ5bNtSglzpSEUPIaYN6ToASzgndMIl1vnviWPAr6t6DWIO0xA6A2FjQ
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DDF9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDF9 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CAE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxM1cV6R3Yc6cDNuV9u8P1Yy8wAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCxZ8zjLd3sz7gAgCoAwGqBN8BT9AMCdT9u9QnbG2tkd_t-FYEUcG47LLumiVf5hGgjqjMuaUvBuk-F1yk9mVRYUnY8yXWUN-HDL5MPF6gvcr2mXsLUdM48BLhPiaFhpco9AwCNuquI5nAczu9_Bnnev53HbXUixcyrfmDmzh31kKoCSZTsBmJPnF6k08SRpaPtf0q7215f24QhQDYxxMfsaSJjq8YHUn5wlMeQflBSUEZ6LUklbxcZdt6helP-lKHH1yORvbm2SRCZw6S1g54N3k4kbfoa9PWyGmDL5N891t7K4ju9x_UoI-FiLpRnSwdeeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=FxLEMRSPSAg&uach_m=[UACH]&cid=CAQSKQCNIrLMnU8z6bAYuBowIax31gwH3E3-Qhw4ucetrypljvq_FV2odp6NGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame CAE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j54wmxaw5qpzk3zm674dbjsbtpb5r4rmf5xam2sf8bq6vdnmx85q92db029en1z0q5q0cr2x0v50qc3mzrb67z4bsrgdqcj172pzm0aqcm16dpwheba225yjyfx74skvjpddhjzwx648hg0xv80mvjfx0pzzxtm42hrztbvc3ypbxcmvypvre5f6w9q2d7st4jvm970jfpa8vjqffs8b7bhzfgh1kd4ceg310jkkrreqevc24stmr8xe257tcsw3gvjx6vdavvn2xmf9jy9eww89rj6t4fra2jkx1w57p2zbp0dc85a8zyjfssahktvxaa7qrjc2x1kzx8z91hzbpg71h2emagt1cten35j3ah2se6z9bj68fdgxphptj4v74v4yshw7gjs94py&b=YXekVwADDk4H_YrbAA8GVWX9Ke2KEILMgOThhg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E8C2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gm6enez85w06mzc576yzwzv7x2wrf4tqp1n74z2vhrynrn63c5q7xd2j8a2bcf7pfbkq50ymsn96ah2qqm3c4a23kwxd4tz70scq4y1pp04wytd1b5w4bh3grg9h0ban370h98798v605h106wzh37bvr37fnv165gt6bdk08tpya1wwnsxnvcgm9839xtfz5wj6j0kd1kdrzcnxc6bvnms0qjgnwffez1xfh24vhmcqqmxcy9b7bt3t7v8khj20tc5nn69gnwd9ykd65nyaesbmswa9t7rjadzbzq7z93by5f9p7d6xyy7vtmgnwpx2etp677envz3za1eatmz6njw28k05xr1sg6r3exypkjke7hz6mhcwwm5y36smh8rdg7xnt2yewaap7t0myea66y3bzgsvwes6sjemebvr4cqxq1ctr8sm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUZnV6R3Yc6cDNuV9u8P1Yy8wAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCxZ8zjLd3sz7gAgCoAwGqBOIBT9AMCdT9u9QnbG2tkd_t-FYEUcG47LLumiVf5hGgjqjMuaUvBuk-F1yk9mVRYUnY8yXWUN-HDL5MPF6gvcr2mXsLUdM48BLhPiaFhpco9AwCNuquI5nAczu9_Bnnev53HbXUixcyrfmDmzh31kKoCSZTsBmJPnF6k08SRpaPtf0q7215f24QhQDYxxMfsaSJjq8YHUn5wlMeQflBSUEZ6LUklbxcZdt6helP-lKHH1yORvbm2SRCZw6S1g54N3k4kbfoa9PWyGmDL5N89xl5Jho5IpiUaAjNHmAYD94kba0XJeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11xDzdiv0bdbQ5P9nTh0na6bERVA%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc4ff7808b7926245dd76e73f8eb28e57ce0eeeb1f4713856ac8883d8a9b31dd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1gm6enez85w06mzc576yzwzv7x2wrf4tqp1n74z2vhrynrn63c5q7xd2j8a2bcf7pfbkq50ymsn96ah2qqm3c4a23kwxd4tz70scq4y1pp04wytd1b5w4bh3grg9h0ban370h98798v605h106wzh37bvr37fnv165gt6bdk08tpya1wwnsxnvcgm9839xtfz5wj6j0kd1kdrzcnxc6bvnms0qjgnwffez1xfh24vhmcqqmxcy9b7bt3t7v8khj20tc5nn69gnwd9ykd65nyaesbmswa9t7rjadzbzq7z93by5f9p7d6xyy7vtmgnwpx2etp677envz3za1eatmz6njw28k05xr1sg6r3exypkjke7hz6mhcwwm5y36smh8rdg7xnt2yewaap7t0myea66y3bzgsvwes6sjemebvr4cqxq1ctr8sm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUZnV6R3Yc6cDNuV9u8P1Yy8wAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCxZ8zjLd3sz7gAgCoAwGqBOIBT9AMCdT9u9QnbG2tkd_t-FYEUcG47LLumiVf5hGgjqjMuaUvBuk-F1yk9mVRYUnY8yXWUN-HDL5MPF6gvcr2mXsLUdM48BLhPiaFhpco9AwCNuquI5nAczu9_Bnnev53HbXUixcyrfmDmzh31kKoCSZTsBmJPnF6k08SRpaPtf0q7215f24QhQDYxxMfsaSJjq8YHUn5wlMeQflBSUEZ6LUklbxcZdt6helP-lKHH1yORvbm2SRCZw6S1g54N3k4kbfoa9PWyGmDL5N89xl5Jho5IpiUaAjNHmAYD94kba0XJeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11xDzdiv0bdbQ5P9nTh0na6bERVA%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac4fdef426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CAE3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4336 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44406
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CAE3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CAE3 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAE3 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:47 GMT
integrator.js
adservice.google.de/adsid/ Frame 8EA1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8EA1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8EA1 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3355200543626438&correlator=378056448776497&output=ldjh&impl=fif&eid=31063136%2C31063272%2C31062526%2C31063140&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807830&dlt=1635230804566&idt=2089&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=ni0ow58rwl&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1341641798.1635230806&ga_sid=1635230806&ga_hid=276536048&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f2c535076f890decb7daa0915da7a8b1b3fe5a74ac0ccb86c109a25764121367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10452
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame C4DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C4DC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C4DC 		24 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2546505396439370&correlator=3157941095598630&output=ldjh&impl=fif&eid=31063213%2C31063272%2C44742768%2C31062525&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230807&dt=1635230807838&dlt=1635230804574&idt=2050&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=uigpkripbbvx&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=210503027.1635230806&ga_sid=1635230806&ga_hid=809567159&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
cb954ef7bc6823e7375fc1d7468666a557448274d0f289f4acc207e1c17e78a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11491
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 93CE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYCCAIKAgw18jeiwY4CEAISAgQ18jeiwYYBw..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 63E9 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
55d9823f-548d-47b1-b08b-8438f28632be
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9E62 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c6e99070-4eb5-4c2f-a31a-7f10fbab427e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame FCB7 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kqy7fz016egpbe9p2bk0fnzrjt65pyncnqmx4ey9rs0jck0eaavrrk58m0kekrth2gae6vta9n26tbkqgdh3mz2wr3jvqtsnaadv576ctv23n60mk1t9tr3y7hwrjr3mktzjnaqb74aejet6s9e5zphbhy32btet910fdpyxwpwkzd7c5vfesp48mwk1y7e319ab5fw9ejkjbaye1466q61kghqrhhkwf0wj2y512b0efw959yf56vynths2ve92zdngv20ehshes7t440b4d9d9ff8jsg9j4bz6396ytpkgnbekhnsh7xhj4en8cc3nafenz0n2bcwkbcw47gw87w80a0t7z5z485q5gxxsqbf0ehfv9gymy99hkv5975w5vsp508h8xt4cg7ay3cqhq89bxegryfapjmetqzxwxjf8kfnyy0kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy9zhVqR3YdbhK8vlgAfprqr4CpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0JJkxZNEEF01oxKY9ORRd-HvIGJnLmA7VBrS55eDJZ1HZj1mxgThz-eZ-BH2k8dBk9_4oOK1HlPH_DLhX8E0Okb2P9ijH-bwe4hZQ05DygYh_-x9vT1lc8xqTS02cj39R5afAFTTox5LpFX7j2hWmkLwN69EEkRrjsda8oHcbJnNjQL_L7bxke-krz6chJ0-Y4nF5tkp8TAmfdp47zGrz1COqW0APka9uUH2j9ofKN10d5dTkp2EycRAg3mrzeaT6TOQcrq_G90XDqhbtfStayknsdFYzzNgfZvnNWGoE2fB4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qq-pJMyRY3iK7ImfZoIkDdbeqJQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kqy7fz016egpbe9p2bk0fnzrjt65pyncnqmx4ey9rs0jck0eaavrrk58m0kekrth2gae6vta9n26tbkqgdh3mz2wr3jvqtsnaadv576ctv23n60mk1t9tr3y7hwrjr3mktzjnaqb74aejet6s9e5zphbhy32btet910fdpyxwpwkzd7c5vfesp48mwk1y7e319ab5fw9ejkjbaye1466q61kghqrhhkwf0wj2y512b0efw959yf56vynths2ve92zdngv20ehshes7t440b4d9d9ff8jsg9j4bz6396ytpkgnbekhnsh7xhj4en8cc3nafenz0n2bcwkbcw47gw87w80a0t7z5z485q5gxxsqbf0ehfv9gymy99hkv5975w5vsp508h8xt4cg7ay3cqhq89bxegryfapjmetqzxwxjf8kfnyy0kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy9zhVqR3YdbhK8vlgAfprqr4CpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0JJkxZNEEF01oxKY9ORRd-HvIGJnLmA7VBrS55eDJZ1HZj1mxgThz-eZ-BH2k8dBk9_4oOK1HlPH_DLhX8E0Okb2P9ijH-bwe4hZQ05DygYh_-x9vT1lc8xqTS02cj39R5afAFTTox5LpFX7j2hWmkLwN69EEkRrjsda8oHcbJnNjQL_L7bxke-krz6chJ0-Y4nF5tkp8TAmfdp47zGrz1COqW0APka9uUH2j9ofKN10d5dTkp2EycRAg3mrzeaT6TOQcrq_G90XDqhbtfStayknsdFYzzNgfZvnNWGoE2fB4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qq-pJMyRY3iK7ImfZoIkDdbeqJQ%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411081
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac54e8d426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame FCB7 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kqy7fz016egpbe9p2bk0fnzrjt65pyncnqmx4ey9rs0jck0eaavrrk58m0kekrth2gae6vta9n26tbkqgdh3mz2wr3jvqtsnaadv576ctv23n60mk1t9tr3y7hwrjr3mktzjnaqb74aejet6s9e5zphbhy32btet910fdpyxwpwkzd7c5vfesp48mwk1y7e319ab5fw9ejkjbaye1466q61kghqrhhkwf0wj2y512b0efw959yf56vynths2ve92zdngv20ehshes7t440b4d9d9ff8jsg9j4bz6396ytpkgnbekhnsh7xhj4en8cc3nafenz0n2bcwkbcw47gw87w80a0t7z5z485q5gxxsqbf0ehfv9gymy99hkv5975w5vsp508h8xt4cg7ay3cqhq89bxegryfapjmetqzxwxjf8kfnyy0kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy9zhVqR3YdbhK8vlgAfprqr4CpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0JJkxZNEEF01oxKY9ORRd-HvIGJnLmA7VBrS55eDJZ1HZj1mxgThz-eZ-BH2k8dBk9_4oOK1HlPH_DLhX8E0Okb2P9ijH-bwe4hZQ05DygYh_-x9vT1lc8xqTS02cj39R5afAFTTox5LpFX7j2hWmkLwN69EEkRrjsda8oHcbJnNjQL_L7bxke-krz6chJ0-Y4nF5tkp8TAmfdp47zGrz1COqW0APka9uUH2j9ofKN10d5dTkp2EycRAg3mrzeaT6TOQcrq_G90XDqhbtfStayknsdFYzzNgfZvnNWGoE2fB4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qq-pJMyRY3iK7ImfZoIkDdbeqJQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69589
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEt0eBP2pHzPqEhU4Q3GOSq0QZKP%2BFQtY6ZzinmK1FA3%2F%2FgurDyvFh%2B8bcCZUXs7V84NbCOYevmd0Np23k4D9Yz8xmUEJequmck4xBhi4FAo5HpCtjL88KU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac54f154c98-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
async_usersync
ib.adnxs.com/ Frame 1190 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
312437b8-f870-45ce-ab6f-3efd142afe14
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 0A8D 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz13zh2xcmjryz5qmm1dwkxzb7e6ca1n6xjk78w134dyet66vg33ygv4yyq3e1ar7bsfqzgpjr3b7m0xw9ge8bjdzr1at434tyz1ckv27ar2yjs7s6z1gn2e2rmzzfvsqy4f2m6w0bvrgn07mmar683d29pvp5rnw4k003tm65nsm3w0hwvnrd084hvwjhf3tvhthhnak3zg6pweqzgccz0pdqtm20ksnk4qc732enzka7avyrq9y0hkqjmndwd7789nshva3dnyjrsarcvrs485xqmx9j38wpwee20w734vfd3r4kr4nyz6nexh0340b7cmzpcpgyhaamdwces1j7z655mxx3c71gd45cndk1j72hjp355ak99zj0n6dpt959csvrsje2v4wj4xw1vcr2ytztk2sp67bxp6yh5zjjradp564ka2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqGAOVqR3YazQKP2i7_UP2vSh4AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9CCV7OsUuoUoWL2L4fKmW6jLeLtVXfhLg6edSq2O2z6SVe7JnzZNoIy-e81dDKF4fzy6FBQ5a2dwFPtaLGwAkTUUQDq0pBYkKGQBDg4z7U-SgUdYnmbiaw36ubW1_fKzmX-lVxRZn7_g7B8VZi70fZLrTKH8gpAP9_CV3G2noBP8HbihRnfvsSzRawT5o6Ph9__keFLYuacpKKjZSSWhKi4ih3eY0v0-E4hgVYUP76EXtZvpJZ2Jd5r_RJ8Yvnw7_04HP6msQIC6rV7o-Bb8tFoKGAqYVUOaeu07aFJyISqSeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3z0_L-gk-2TBChM9Zv4oQxkqGCjA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jz13zh2xcmjryz5qmm1dwkxzb7e6ca1n6xjk78w134dyet66vg33ygv4yyq3e1ar7bsfqzgpjr3b7m0xw9ge8bjdzr1at434tyz1ckv27ar2yjs7s6z1gn2e2rmzzfvsqy4f2m6w0bvrgn07mmar683d29pvp5rnw4k003tm65nsm3w0hwvnrd084hvwjhf3tvhthhnak3zg6pweqzgccz0pdqtm20ksnk4qc732enzka7avyrq9y0hkqjmndwd7789nshva3dnyjrsarcvrs485xqmx9j38wpwee20w734vfd3r4kr4nyz6nexh0340b7cmzpcpgyhaamdwces1j7z655mxx3c71gd45cndk1j72hjp355ak99zj0n6dpt959csvrsje2v4wj4xw1vcr2ytztk2sp67bxp6yh5zjjradp564ka2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqGAOVqR3YazQKP2i7_UP2vSh4AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9CCV7OsUuoUoWL2L4fKmW6jLeLtVXfhLg6edSq2O2z6SVe7JnzZNoIy-e81dDKF4fzy6FBQ5a2dwFPtaLGwAkTUUQDq0pBYkKGQBDg4z7U-SgUdYnmbiaw36ubW1_fKzmX-lVxRZn7_g7B8VZi70fZLrTKH8gpAP9_CV3G2noBP8HbihRnfvsSzRawT5o6Ph9__keFLYuacpKKjZSSWhKi4ih3eY0v0-E4hgVYUP76EXtZvpJZ2Jd5r_RJ8Yvnw7_04HP6msQIC6rV7o-Bb8tFoKGAqYVUOaeu07aFJyISqSeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3z0_L-gk-2TBChM9Zv4oQxkqGCjA%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411081
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac54e97426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 0A8D 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz13zh2xcmjryz5qmm1dwkxzb7e6ca1n6xjk78w134dyet66vg33ygv4yyq3e1ar7bsfqzgpjr3b7m0xw9ge8bjdzr1at434tyz1ckv27ar2yjs7s6z1gn2e2rmzzfvsqy4f2m6w0bvrgn07mmar683d29pvp5rnw4k003tm65nsm3w0hwvnrd084hvwjhf3tvhthhnak3zg6pweqzgccz0pdqtm20ksnk4qc732enzka7avyrq9y0hkqjmndwd7789nshva3dnyjrsarcvrs485xqmx9j38wpwee20w734vfd3r4kr4nyz6nexh0340b7cmzpcpgyhaamdwces1j7z655mxx3c71gd45cndk1j72hjp355ak99zj0n6dpt959csvrsje2v4wj4xw1vcr2ytztk2sp67bxp6yh5zjjradp564ka2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqGAOVqR3YazQKP2i7_UP2vSh4AGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9CCV7OsUuoUoWL2L4fKmW6jLeLtVXfhLg6edSq2O2z6SVe7JnzZNoIy-e81dDKF4fzy6FBQ5a2dwFPtaLGwAkTUUQDq0pBYkKGQBDg4z7U-SgUdYnmbiaw36ubW1_fKzmX-lVxRZn7_g7B8VZi70fZLrTKH8gpAP9_CV3G2noBP8HbihRnfvsSzRawT5o6Ph9__keFLYuacpKKjZSSWhKi4ih3eY0v0-E4hgVYUP76EXtZvpJZ2Jd5r_RJ8Yvnw7_04HP6msQIC6rV7o-Bb8tFoKGAqYVUOaeu07aFJyISqSeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3z0_L-gk-2TBChM9Zv4oQxkqGCjA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69589
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUHODNuUdjounoQlNCPXMzc5c9gp04a3dxoH8RfmUEjjlV6bs2hLgk%2BcM8U2EIeVN9gth%2BBBbN2PyRpwiwDBYjIn7a0HHWiotmuAgs9lIbfwNbveRSCbyOc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac54f164c98-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
async_usersync
ib.adnxs.com/ Frame FC48 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:47 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
39a21d37-ba49-490d-b7d6-d560c98a6965
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF12 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7086 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYCSAJKAkw18jeiwY4CUAJSAkQ18jeiwYYCA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:49 GMT
Date
Tue, 26 Oct 2021 06:46:47 GMT
Connection
keep-alive
Vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame BFFC
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEAXNy8YM_WZCwUy1wNWC5XY&google_cver=1&google_push=AYg5qPKgMv0B-CtZKMcL7wEkgHPSXN5GZwz4ya6lM9zgZHoeSXzNnVvJbHEDVgOQu_i7p9Wact8MLUjd9MSQoiJ_ormQm0Y6Zf70iw
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
0
0
sync
sync.srv.stackadapt.com/ Frame BFFC 		0
0
pixel
cm.g.doubleclick.net/ Frame BFFC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7g2GGIKbPQpyXkZOGntS4&google_cver=1&google_push=AYg5qPJ3R1prYEJ6iLlOpnOyI22MTBfvaVX6hRO2TEdpeRgg9oSYifks_oIJocWOyvkgyH1oxKT...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdBTzAtVS1GUFRG&google_push=AYg5qPJ3R1prYEJ6iLlOpnOyI22MTBfvaVX6hRO2TEdpeRgg9oSYifks_oIJocWOyvkgyH1oxKTJZwQIUKZNeJaO6hCNoRo5686X6Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdBTzAtVS1GUFRG&google_push=AYg5qPJ3R1prYEJ6iLlOpnOyI22MTBfvaVX6hRO2TEdpeRgg9oSYifks_oIJocWOyvkgyH1oxKTJZwQIUKZNeJaO6hCNoRo5686X6Q
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdBTzAtVS1GUFRG&google_push=AYg5qPJ3R1prYEJ6iLlOpnOyI22MTBfvaVX6hRO2TEdpeRgg9oSYifks_oIJocWOyvkgyH1oxKTJZwQIUKZNeJaO6hCNoRo5686X6Q
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame BFFC
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEK1Nq1DxqjKz3b3JjNZFvBo&google_cver=1&google_push=AYg5qPKJJqr_1F6IwSA4gM5Iv4bWi7_2Bx095XNIbZidLohHKzSkLM9a8Ktm8KdLqZrCzwuYl2n45d7ckDK-5n-EhVPETB4...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=UjVXaTE3R2RJdmw3&google_ula=2046794&google_push=AYg5qPKJJqr_1F6IwSA4gM5Iv4bWi7_2Bx095XNIbZidLohHKzSkLM9a8Ktm8KdLqZrCzwuYl2n45d7ckD...
0
0
us
sync.go.sonobi.com/ Frame BFFC 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKtqiN6yc_Pm1BIqREJ_FfODNLZf9x0DpBnqZ5CWbtmcjhiCTHL3qyKuC94r9mxUe3UacmUNaaq0ILXdk7yLp3LZVUpl65rXw%26google_hm%3D%5BUID%5D&google_gid=CAESEBK-x977IQKEbR9AdxThYD4&google_cver=1
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFFC
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKE0YotPDqoy_b5nplnnndA&google_cver=1&google_push=AYg5qPKjyMkmGOsQ0eB8H86jb37H60nl2mUg0HabWT6DDvuP3yk3KCw4cgwoTFOkQS7_r8MHLC-qu1Xwx7AZBlHQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKjyMkmGOsQ0eB8H86jb37H60nl2mUg0HabWT6DDvuP3yk3KCw4cgwoTFOkQS7_r8MHLC-qu1Xwx7AZBlHQhSzpLnfG14HG6Q
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKjyMkmGOsQ0eB8H86jb37H60nl2mUg0HabWT6DDvuP3yk3KCw4cgwoTFOkQS7_r8MHLC-qu1Xwx7AZBlHQhSzpLnfG14HG6Q
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:47 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKjyMkmGOsQ0eB8H86jb37H60nl2mUg0HabWT6DDvuP3yk3KCw4cgwoTFOkQS7_r8MHLC-qu1Xwx7AZBlHQhSzpLnfG14HG6Q
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
7DV5DEM4VLT6eX-7LQFXAZrcYeqe4-rLGu17lp3suiFfVcLqdDS4Ow==
pixel
cm.g.doubleclick.net/ Frame BFFC
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPKGmJ0TiNijFvwtHShTl0qps6PDmecamS1Ru4HezxUUiPdOkK9Y-0qYhs_tsc_xWN5balg1J-e9KdjnsU1BEHUT6kmDW...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKGmJ0TiNijFvwtHShTl0qps6P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKGmJ0TiNijFvwtHShTl0qps6PDmecamS1Ru4HezxUUiPdOkK9Y-0qYhs_tsc_xWN5balg1J-e9KdjnsU1BEHUT6kmDW0JZyw&gdpr=&gdpr_consent=
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKGmJ0TiNijFvwtHShTl0qps6PDmecamS1Ru4HezxUUiPdOkK9Y-0qYhs_tsc_xWN5balg1J-e9KdjnsU1BEHUT6kmDW0JZyw&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 26 Oct 2021 06:46:48 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BFFC 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYrzSAsXf88Ayg3ajzTb2f92ubppgoXYfAMCYW9DmR6Egnxg9WSsFSoR95mJ-yLBABc70g
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame DC38
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKhfKQ6oRdfnCBMCuWY7QqM&google_cver=1&google_push=AYg5qPLls3iZxyoVfNsjN2yWeAc6sLqJ2BNi0d-hvEQGrC3M3FKpblqMsdr3FH0vJ5UkmpDaSXIjcwJkSPhXk1HQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLls3iZxyoVfNsjN2yWeAc6sLqJ2BNi0d-hvEQGrC3M3FKpblqMsdr3FH0vJ5UkmpDaSXIjcwJkSPhXk1HQkt8ZTfsX0WqZ
0
0
pixel
cm.g.doubleclick.net/ Frame DC38
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOEqbj8QP4YJk_ev17_L9h4&google_cver=1&google_push=AYg5qPJERL3HO9QAt4xAUG-dDgBGVosOTh_iwEm9oQE88-rQ_0vcWzH73pd3SUwtiR3L7SoGJccmpargQbrc9eUrC-TDOHBqOdM
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4BBC99F38D2A46BF9B24531513E07064&google_push=AYg5qPJERL3HO9QAt4xAUG-dDgBGVosOTh_iwEm9oQE88-rQ_0vcWzH73pd3SUwtiR3L7SoGJccmpargQbrc9eU...
0
0
pixel
cm.g.doubleclick.net/ Frame DC38
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGNTg8Zk214pK5XCX5Z5jhU&google_cver=1&google_push=AYg5qPLJo1cuogQMADunaE3reFBXZvt-1q_fekrsu0broQojedzIdKpWF-Mv-voazmIGY6vq7EWybYMc6Q_V6E...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzI2Mjg0MTc3MTk4MDkzOQ%3D%3D&google_push=AYg5qPLJo1cuogQMADunaE3reFBXZvt-1q_fekrsu0broQojedzIdKpWF-Mv-voazmIGY6vq7EWybYMc6Q_V6EaaUs...
0
0
google;c
d5p.de17a.com/cookies/ Frame DC38
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPJ2BgZ3BCQmtkKKGDhuielMqyAiqvR-EQK1teDQ9ODYb-SrSjfp64l6SlBgX2aKNxdGWlD6c1z-6Yt9KREY-qfVS6E...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPJ2BgZ3BCQmtkKKGDhuielMqyAiqvR-EQK1teDQ9ODYb-SrSjfp64l6SlBgX2aKNxdGWlD6c1z-6Yt9KREY-qfVS...
0
0
/
c1.adform.net/serving/cookie/match/ Frame DC38
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPJu1e2SqQ4FL4ZTN8ZtnG2ZIPD6NySP2HB98IXPAeigRcPZ34b6EXQIlpt1Q9LcX_n9eihKj3TO...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPJu1e2SqQ4FL4ZTN8ZtnG2ZIPD6NySP2HB98IXPAeigRcPZ34b6EXQIlpt1Q9LcX_n9eih...
0
0
us
sync.go.sonobi.com/ Frame DC38 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKHIbAdHFDcYD87NKFY9uSnPjUGW_wprKYZp9pgnLOBRwqApeIrB0V-RhlJyMvD-prniNddNVhLbl8hORH8M-WTRxHpOrs%26google_hm%3D%5BUID%5D&google_gid=CAESEBK-x977IQKEbR9AdxThYD4&google_cver=1
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC38
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPJLEghW9NhpSOwKBT7l73dnp45inX6xtTls4Q_DWp1MDlcgq6pb1nQpSE7Pr0zK4h0BGylXZz2SlUhqdg5zsClYoMSnjsV7
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJLEghW9NhpSOwKBT7l73dnp45inX6xtTls4Q_DWp1MDlcgq6pb1nQpSE7Pr0zK4h0BGylXZz2SlUhqdg5zsClYoMSnjsV7&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPJLEghW9NhpSOwKBT7l73dnp45inX6xtTls4Q_DWp1MDlcgq6pb1nQp...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame DC38 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeKuw_gT59MO4iKXCW46LCfAlsbTUL87SquSpqMqZzWl-ydVrzzeOnYeCPMDJPjDYept9b
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 3436 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k10vft8hdq14q9wkn98gcb4kjsh91vxprp87farzaayqhwkd806mgvan2j3q4mtzr9zvtrvv3qd2q1btjkz9wzyp9fwmwyztbegaqmkxcnnvx6a0n5xchztprq5b0sdzbdqfbda7bhchx9v9nkmhabrrrg2cnn0f44v4q8mfdztrtbz59019q8kst4ndncyaya96q5c53ztwxmkjhz6c67gp2bwbmzp84ez2rc138nekxn205b4kae2dk3e9ctwfazbcnw2zm50b38rwg0n1cey659ffaw8hxxpaq2fme2y64wr5yteysn74sstzdkdgtkwaegrfg0sj2fhdc2jhy5j4brvm4c12vvmrq988xcz5x7qrh2tz9kncv6fc0k25rg6k76wqxmkfe016jd2nm7wcwa7y07qwnk1qvr3tpynbc8fde2vr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2O_MVqR3Yb-hM82rgQfRlJ7oC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Bm66OrP0VW8XsoFKpIu2ax3Oob-Kga1dp6pMe-mEiQHMHY9vj-os_oVtdN5n6VOscqA5gC18iLjFWAAiusKHGV_Go_nfI1zAaQcQHmiY0HYEOdcUkW8e0wgutj4XIwNmPdMzs6Wj3O_t287EMiMK1zg34cAOOAblXaewVh6XjK1W7Qa9zi4d6yBbxrpf6f0M92uO-e9xeXW1_Px178VtJ0gBAl95apLXYevFGL6ziTNPRh0qxKvUQNnzInkavdm_xs-yRQxllqXFUYURhUpS4QsnAGGXXK5LnwATpSpkQ0H4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2CAula5xu4Iz4iCJtvBT2uo80Z0Q%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k10vft8hdq14q9wkn98gcb4kjsh91vxprp87farzaayqhwkd806mgvan2j3q4mtzr9zvtrvv3qd2q1btjkz9wzyp9fwmwyztbegaqmkxcnnvx6a0n5xchztprq5b0sdzbdqfbda7bhchx9v9nkmhabrrrg2cnn0f44v4q8mfdztrtbz59019q8kst4ndncyaya96q5c53ztwxmkjhz6c67gp2bwbmzp84ez2rc138nekxn205b4kae2dk3e9ctwfazbcnw2zm50b38rwg0n1cey659ffaw8hxxpaq2fme2y64wr5yteysn74sstzdkdgtkwaegrfg0sj2fhdc2jhy5j4brvm4c12vvmrq988xcz5x7qrh2tz9kncv6fc0k25rg6k76wqxmkfe016jd2nm7wcwa7y07qwnk1qvr3tpynbc8fde2vr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2O_MVqR3Yb-hM82rgQfRlJ7oC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Bm66OrP0VW8XsoFKpIu2ax3Oob-Kga1dp6pMe-mEiQHMHY9vj-os_oVtdN5n6VOscqA5gC18iLjFWAAiusKHGV_Go_nfI1zAaQcQHmiY0HYEOdcUkW8e0wgutj4XIwNmPdMzs6Wj3O_t287EMiMK1zg34cAOOAblXaewVh6XjK1W7Qa9zi4d6yBbxrpf6f0M92uO-e9xeXW1_Px178VtJ0gBAl95apLXYevFGL6ziTNPRh0qxKvUQNnzInkavdm_xs-yRQxllqXFUYURhUpS4QsnAGGXXK5LnwATpSpkQ0H4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2CAula5xu4Iz4iCJtvBT2uo80Z0Q%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411082
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac61809426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 3436 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k10vft8hdq14q9wkn98gcb4kjsh91vxprp87farzaayqhwkd806mgvan2j3q4mtzr9zvtrvv3qd2q1btjkz9wzyp9fwmwyztbegaqmkxcnnvx6a0n5xchztprq5b0sdzbdqfbda7bhchx9v9nkmhabrrrg2cnn0f44v4q8mfdztrtbz59019q8kst4ndncyaya96q5c53ztwxmkjhz6c67gp2bwbmzp84ez2rc138nekxn205b4kae2dk3e9ctwfazbcnw2zm50b38rwg0n1cey659ffaw8hxxpaq2fme2y64wr5yteysn74sstzdkdgtkwaegrfg0sj2fhdc2jhy5j4brvm4c12vvmrq988xcz5x7qrh2tz9kncv6fc0k25rg6k76wqxmkfe016jd2nm7wcwa7y07qwnk1qvr3tpynbc8fde2vr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2O_MVqR3Yb-hM82rgQfRlJ7oC5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Bm66OrP0VW8XsoFKpIu2ax3Oob-Kga1dp6pMe-mEiQHMHY9vj-os_oVtdN5n6VOscqA5gC18iLjFWAAiusKHGV_Go_nfI1zAaQcQHmiY0HYEOdcUkW8e0wgutj4XIwNmPdMzs6Wj3O_t287EMiMK1zg34cAOOAblXaewVh6XjK1W7Qa9zi4d6yBbxrpf6f0M92uO-e9xeXW1_Px178VtJ0gBAl95apLXYevFGL6ziTNPRh0qxKvUQNnzInkavdm_xs-yRQxllqXFUYURhUpS4QsnAGGXXK5LnwATpSpkQ0H4AQBgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2CAula5xu4Iz4iCJtvBT2uo80Z0Q%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69590
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nQfBwxp5PoFK4cctsToSZq0g6lUWXuYzS71frfiNU45PRvSr8qI9lTdaCVZl3BbqIhdFOCaPAQ1g2OhkwqpAIs4ppy9erDZrX8ceg7aFE8UDrMRFC%2BPW9A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac6180b426c-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 75F6 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgd5ar9t1qfq84satfrhzx0ztw8gkg8rx6j1hz043ykb0xjndnfv341c2qqsbcadhexr7dgaqbmq057tz116a04znkg66cq7b9570efm2da5hezzjmq2d3kwxhhw91d19tj7e4qnbpftgydd8g7wzzsavcaq1ee6hz94t2e626r1vys8zex7me7jz7hh86spgrb4er7r7c39ez31ekp7cd40f6eewtnjf1q39b0nw87m8nasj2725srhd9apdvbp61a3b87vf7sbz70jkx6bez84ada5swgyx3v8ecmzf3tvfj19sjpsg7rhwncqfbv920sgj94m6nvc6h0w7njzwdfsezknn1x256w4v2mcrn437dq9jzqsjgftkwyc8wbcpemkp4xvjrnwdc3rh87q6f4wh7pwkh8z348c3wkg6f27ccjz94gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDkpdVqR3Yeb2N-rO7_UP67qk6ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CLz3T7jhPROwYIB7xf7mWZbEokXOXH9mDRNKfJQbr8-CSq9qzWVgiOIEjefdBxLOVFPyYAy437YSJqQ4sMCAchNs-sAYPQXpBdLZzkBZOJ2pi2nJZ95z-ad6S28gp-614MbhF-MIXbUY8HIPAjcm1xCNCAoTlAK8ts9rj3qArp4fIHqjJ0AS-BB2DNp9SqfNRlRs26Nmaxn0-70QDjdkFCzBBWNAKEdAw2-nWZ1_qhtQXiR4DlHdu-GrUoZ9hyL_qcGRFQYg71deTuudh_4MTpJR7W1Vz80lrQwguhg-DQheAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vS1U8fFm0SOXJ4NQjQ3eauC1jpQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kgd5ar9t1qfq84satfrhzx0ztw8gkg8rx6j1hz043ykb0xjndnfv341c2qqsbcadhexr7dgaqbmq057tz116a04znkg66cq7b9570efm2da5hezzjmq2d3kwxhhw91d19tj7e4qnbpftgydd8g7wzzsavcaq1ee6hz94t2e626r1vys8zex7me7jz7hh86spgrb4er7r7c39ez31ekp7cd40f6eewtnjf1q39b0nw87m8nasj2725srhd9apdvbp61a3b87vf7sbz70jkx6bez84ada5swgyx3v8ecmzf3tvfj19sjpsg7rhwncqfbv920sgj94m6nvc6h0w7njzwdfsezknn1x256w4v2mcrn437dq9jzqsjgftkwyc8wbcpemkp4xvjrnwdc3rh87q6f4wh7pwkh8z348c3wkg6f27ccjz94gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDkpdVqR3Yeb2N-rO7_UP67qk6ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CLz3T7jhPROwYIB7xf7mWZbEokXOXH9mDRNKfJQbr8-CSq9qzWVgiOIEjefdBxLOVFPyYAy437YSJqQ4sMCAchNs-sAYPQXpBdLZzkBZOJ2pi2nJZ95z-ad6S28gp-614MbhF-MIXbUY8HIPAjcm1xCNCAoTlAK8ts9rj3qArp4fIHqjJ0AS-BB2DNp9SqfNRlRs26Nmaxn0-70QDjdkFCzBBWNAKEdAw2-nWZ1_qhtQXiR4DlHdu-GrUoZ9hyL_qcGRFQYg71deTuudh_4MTpJR7W1Vz80lrQwguhg-DQheAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vS1U8fFm0SOXJ4NQjQ3eauC1jpQ%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411082
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac6180d426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 75F6 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgd5ar9t1qfq84satfrhzx0ztw8gkg8rx6j1hz043ykb0xjndnfv341c2qqsbcadhexr7dgaqbmq057tz116a04znkg66cq7b9570efm2da5hezzjmq2d3kwxhhw91d19tj7e4qnbpftgydd8g7wzzsavcaq1ee6hz94t2e626r1vys8zex7me7jz7hh86spgrb4er7r7c39ez31ekp7cd40f6eewtnjf1q39b0nw87m8nasj2725srhd9apdvbp61a3b87vf7sbz70jkx6bez84ada5swgyx3v8ecmzf3tvfj19sjpsg7rhwncqfbv920sgj94m6nvc6h0w7njzwdfsezknn1x256w4v2mcrn437dq9jzqsjgftkwyc8wbcpemkp4xvjrnwdc3rh87q6f4wh7pwkh8z348c3wkg6f27ccjz94gg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDkpdVqR3Yeb2N-rO7_UP67qk6ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CLz3T7jhPROwYIB7xf7mWZbEokXOXH9mDRNKfJQbr8-CSq9qzWVgiOIEjefdBxLOVFPyYAy437YSJqQ4sMCAchNs-sAYPQXpBdLZzkBZOJ2pi2nJZ95z-ad6S28gp-614MbhF-MIXbUY8HIPAjcm1xCNCAoTlAK8ts9rj3qArp4fIHqjJ0AS-BB2DNp9SqfNRlRs26Nmaxn0-70QDjdkFCzBBWNAKEdAw2-nWZ1_qhtQXiR4DlHdu-GrUoZ9hyL_qcGRFQYg71deTuudh_4MTpJR7W1Vz80lrQwguhg-DQheAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vS1U8fFm0SOXJ4NQjQ3eauC1jpQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69590
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQmRBiHYWVwVrLmoQmr9KoZg0pTv0GXV73HEsqQPgW6tMfAg0iiwOpwoB0nSqDzsQ36WMkl3%2FbYPTNb3JsfjkCYkWoHjY69CwFPeS4rrSkgSuxdet6CR6CI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac6180e426c-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
pixel
cm.g.doubleclick.net/ Frame ACB5
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOEqbj8QP4YJk_ev17_L9h4&google_cver=1&google_push=AYg5qPIKgyLWFnhRoA-KVRuJdPiDLuStB11osIHs1CjPDiVXEL2KNopoEsFAI0fdduCLuHEfnhIBf3-KTu2wUZpHKCJQ0DwW4NL0
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17DE5C7B864B46579AE4222FB6BB3A3D&google_push=AYg5qPIKgyLWFnhRoA-KVRuJdPiDLuStB11osIHs1CjPDiVXEL2KNopoEsFAI0fdduCLuHEfnhIBf3-KTu2wUZp...
0
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame ACB5 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELiZEGIdlx_7f-I-Vq1bOJ4&google_cver=1&google_push=AYg5qPI6JTJV_OLXHiebwltoWLkILOL0y7PgFhTaj7XiAdn-ESGj38un56lsGFFuuSjoqAvWiCKanT4C0NKFWV2w_kCFifWNwxaY
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
adx
pr-bh.ybp.yahoo.com/sync/ Frame ACB5 		0
0
dot.gif
s0.2mdn.net/ Frame ACB5 		43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEO20rtuKvFbVWOk-lWWxFLI&google_cver=1&google_push=AYg5qPKvO9s9a5pt1sB3OQU0GnaSfe8nfjCr57UqnSpW3jiP5wNO-dKqFOiunNIRXUnlUckDyL4PFWBbp_PCaKOQ0yW1cG8FHVUZmw
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 06:46:48 GMT
/
c1.adform.net/serving/cookie/match/ Frame ACB5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKstH5UbFVVUyKWY218GfPlzDtHuIMVt2yu0xKlEwjF7mUqsk-zJ5mT2oUV-m8RreOpHyaWyhDx...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKstH5UbFVVUyKWY218GfPlzDtHuIMVt2yu0xKlEwjF7mUqsk-zJ5mT2oUV-m8RreOpHya...
0
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame ACB5 		0
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame ACB5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame ACB5 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0CwNCtCsDoD3Et_xMxkdH3E9B1XDiA6AT5qqgVx6PVLC8iNatPl0mIPH6AlWe88zOUahp
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.de/adsid/ Frame 11E4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 11E4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 11E4 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=507165796166891&correlator=1812496309068578&output=ldjh&impl=fif&eid=31063082%2C31063262%2C31062524%2C31062931&vrg=2021102001&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230808&dt=1635230808013&dlt=1635230804581&idt=2008&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=7t6t6roiuay3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=67234239.1635230807&ga_sid=1635230807&ga_hid=2096104949&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
18fa61ac88a1157f1adcf1880d1062c6855751dbc5dbd231aa7469bdf24a2ca3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10505
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D75A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxNWvV6R3YaTjGuWV9u8Po-awwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBN8BT9A-cU5EYiv9OwCr-Mons8ROEq4l3iyF1wTXtV1GBuH6pqKcS4mPy1rWKaIqtpYQpOGxJlsM0Wfd_pERa9IHyLMXrpf2NIZ7G404YsHZ4g6vT7NVU-TZYXhmYxp-iGpSbztjq6W3SUeZjg6V9mZCDq5gVSVjuCoYIS22J-r_rupU7mOCbhRqhUtkl3x96lZyJxMgnuMcpHuGB_Xz6K_GiJO5C4D_J_ddjXncoC2drBVy8hxB0mX3tqDpoqFuYStbIXPZOX86l8uokGEZnxLsHovGQzAO010u_oHDBsW92-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=1QxQoQsAK_Y&uach_m=[UACH]&cid=CAQSKQCNIrLM6Gtl-dWAKpovvWX7-rMjjkCP9e9DRmDA-xGpR6sLBjNZAwN-GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame D75A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g0p78rgt7h31cnj1xc492rn9vk8hr3dnprvrqs9xhsdyfhze3jbt911e6pkgz7bdrk4rgz34rgbd3e6e2vrzj3pqrsw8yrb1tytj9192ctcsc8ygrc90ctjtxkmb51q5pyxp8s9y0s9qtnmrbbka3bqrw9fwj3dc75p84cmj2y7cj1w9t3xhzqsrv30mtm5fmbxsk8cs14c0kwp14q20e0qp3kf324zejt3pafr6g6mgchcfmv6srt46xwrcvqczxsf2r13y5jvbqg0b9kjgdaebbnerjjncmscm145vxs570pmsdqakawqrx9gchyp1td06pmvhhmgtcq69mt5b7n7v64kgbkehw2q635zsjg6dxvtn4ghv3wq1mv0axf29xphwxqvy53ezcxx&b=YXekVwAGsaQH_YrlAAwzIxTz4_pOg3Bg8A1qbA
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 9885 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jrsf3e0hyw39e401ecydtndakj74mnddzxws2dvm1n2ky99p9wh0mfsayydksmapt1q0eyagxfaehbd58hkzn80tg3jk3a9819n7vs2jdzr89njwr75zs4344mvfc49dbd4dsrjz7q3bq35dhy4caxmt4mmh6x15nym8qtysm7vgft53mf74z1ppcfe9k0smh20dvdxmzcj8s8y2cx931xsg6nvysbk0bk1p7xc4ceqqj1sz63cah1rnwg7ny3d19j70gsh517vx2d1d13da54cx4r6tjt7jt0gx9v7j39s70fcysatp39c1andh6kmgakh18p3vs872vynxxng474hjrans2v73vfb9x41hytdrgz96rs09ebe5cd90dbrbg70geapckv9ky2t1f5w3nrvk7hej7vbmkbtk0et0awaghh3acg9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpJ_3V6R3YaTjGuWV9u8Po-awwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9A-cU5EYiv9OwCr-Mons8ROEq4l3iyF1wTXtV1GBuH6pqKcS4mPy1rWKaIqtpYQpOGxJlsM0Wfd_pERa9IHyLMXrpf2NIZ7G404YsHZ4g6vT7NVU-TZYXhmYxp-iGpSbztjq6W3SUeZjg6V9mZCDq5gVSVjuCoYIS22J-r_rupU7mOCbhRqhUtkl3x96lZyJxMgnuMcpHuGB_Xz6K_GiJO5C4D_J_ddjXncoC2drBVy8hxB0mX3tqDpoqFuYStbIXPZOX86l8uokGEZn1DuExkRlrdOG9pmaFuKlDeEzyYkvuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fw4LrM6Zx0CEzTi8qrS34XndUKQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cbc0852faf80b98370ec34f4e2c36b8da18b2a7ecf1a5cb24c34c51c4b439f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1jrsf3e0hyw39e401ecydtndakj74mnddzxws2dvm1n2ky99p9wh0mfsayydksmapt1q0eyagxfaehbd58hkzn80tg3jk3a9819n7vs2jdzr89njwr75zs4344mvfc49dbd4dsrjz7q3bq35dhy4caxmt4mmh6x15nym8qtysm7vgft53mf74z1ppcfe9k0smh20dvdxmzcj8s8y2cx931xsg6nvysbk0bk1p7xc4ceqqj1sz63cah1rnwg7ny3d19j70gsh517vx2d1d13da54cx4r6tjt7jt0gx9v7j39s70fcysatp39c1andh6kmgakh18p3vs872vynxxng474hjrans2v73vfb9x41hytdrgz96rs09ebe5cd90dbrbg70geapckv9ky2t1f5w3nrvk7hej7vbmkbtk0et0awaghh3acg9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpJ_3V6R3YaTjGuWV9u8Po-awwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9A-cU5EYiv9OwCr-Mons8ROEq4l3iyF1wTXtV1GBuH6pqKcS4mPy1rWKaIqtpYQpOGxJlsM0Wfd_pERa9IHyLMXrpf2NIZ7G404YsHZ4g6vT7NVU-TZYXhmYxp-iGpSbztjq6W3SUeZjg6V9mZCDq5gVSVjuCoYIS22J-r_rupU7mOCbhRqhUtkl3x96lZyJxMgnuMcpHuGB_Xz6K_GiJO5C4D_J_ddjXncoC2drBVy8hxB0mX3tqDpoqFuYStbIXPZOX86l8uokGEZn1DuExkRlrdOG9pmaFuKlDeEzyYkvuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fw4LrM6Zx0CEzTi8qrS34XndUKQ%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac6384f426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D75A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1506 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44407
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D75A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D75A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D75A 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:48 GMT
async_usersync
ib.adnxs.com/ Frame FE32 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0187976e-2ec5-477f-ad4b-f1735e4a1054
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame AAA9 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411082
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac69925426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame AAA9 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69590
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jSKO4tXUOOV%2BjJTF7rNaxtkmcEc02HSUA1rI4uA7Hek9bDsIork0KMPI8ReI%2FhyrZ%2FRW7ANwNEmfmq7tTTnAvHiSuWJjHEEEotuAyJ3fKEepDYdRQ7%2FS8I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac69928426c-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
cs
ad.turn.com/r/ Frame 41EC 		0
0
dpixel
cms.quantserve.com/ Frame 41EC 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENqjNHC7y5pqBVFPKXcoHts&google_cver=1&google_push=AYg5qPLCJYxr5rBOEESmmOPQHG_vH_FIIKoQTAsOZdJNcu1XX5AfjFMPl_okJ183pZTuA-U9cijzujXc0S8xcj-n5kzFb3y0lQbl
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.226 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gcm
a.c.appier.net/ Frame 41EC 		0
0
pixel
cm.g.doubleclick.net/ Frame 41EC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYGIwm2tE...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYG...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYGIwm2tEkgvKLbi7CQ&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYGIwm2tEkgvKLbi7CQ&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIH9LnHwm-qOM3nuHWPRymvigkR5jXrHgvl0-cF6XIdAhCyR1_JXe087ca6SQkSFot9zBlMqLTaV34tYGIwm2tEkgvKLbi7CQ&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Date
Tue, 26 Oct 2021 06:46:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 41EC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPL0jlCFgLZ0hJIB7ZzA31TLdg-br-gp6VXmquqeew-xIMXwQmOkaNZqtuRcjsIr3rd-jeFA_rWd...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MTA2Mjg5NTQ5Mzc3NjE3NA&google_push=AYg5qPL0jlCFgLZ0hJIB7ZzA31TLdg-br-gp6VXmquqeew-xIMXwQmOkaNZqtuRcjsIr3rd-jeFA_r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MTA2Mjg5NTQ5Mzc3NjE3NA&google_push=AYg5qPL0jlCFgLZ0hJIB7ZzA31TLdg-br-gp6VXmquqeew-xIMXwQmOkaNZqtuRcjsIr3rd-jeFA_rWdJABHBhrdAhxAuFWtTfLrZg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM1MTA2Mjg5NTQ5Mzc3NjE3NA&google_push=AYg5qPL0jlCFgLZ0hJIB7ZzA31TLdg-br-gp6VXmquqeew-xIMXwQmOkaNZqtuRcjsIr3rd-jeFA_rWdJABHBhrdAhxAuFWtTfLrZg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 41EC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXekWCieGtnP6ifADr2TcgAABHcAAAAB&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXekWCieGtnP6ifADr2TcgAABHcAAAAB&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXekWCieGtnP6ifADr2TcgAABHcAAAAB&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9...
0
0
dot.gif
s0.2mdn.net/ Frame 41EC 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEED1ov7KovYknr6wrEtDxc8&google_cver=1&google_push=AYg5qPI3kf-O20cyEfzgctaiOp1IW8wzf9N5uYfyBBpcjL0OApf6XcI-89Z5y-5m3hkHbNcCNF6Tj4zc4UMMEyHyggEGaLa8z614lAY
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 06:46:48 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 41EC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxPQqNP_5hidK1qmCraihSe_6HwXZf_MWZO4p5ySXw66im-qO_72JEj9lUa4pnrd5cowqkJw
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame A091 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4855b283-c395-4e82-8b59-5a18026d36a6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3DAA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_push=AYg5qPJpqmo-T0ZcxWiJK60lnaSE6X7e_pZIEiIvbB8U6N5-1Qtp6UB0N3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_push=AYg5qPJpqmo-T0ZcxWiJK60lnaSE6X7e_pZIEiIvbB8U6N5-1Qtp6UB0N3HIUG4I5w1UY5ucajxrZF1CmcxmcTFtSMgOHWRvA0k
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1635230808.125580,VS0,VE90
x-served-by
cache-hhn4069-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_push=AYg5qPJpqmo-T0ZcxWiJK60lnaSE6X7e_pZIEiIvbB8U6N5-1Qtp6UB0N3HIUG4I5w1UY5ucajxrZF1CmcxmcTFtSMgOHWRvA0k
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 3DAA 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM_5LXJ2FNlA3MnbYFuUsB8&google_cver=1&google_push=AYg5qPLcGo6MsnWlLzq9L1p3f8U30z-ML7NHy2xsO8sA7MVMSiDWz_s0vdOKBu1i5tunHS50Z3sFLdtnEFi9O5cmZ7AxzjmdLSE
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3DAA
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELiZEGIdlx_7f-I-Vq1bOJ4&google_cver=1&google_push=AYg5qPJUNUpg2W5WND3UoIT5X2SJ8yQNnm8Gi7HPbF39dxkUjnZvRE3uWRiihFhZFtr2CIJKQawQkWTzlnDAfx...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJUNUpg2W5WND3UoIT5X2SJ8yQNnm8Gi7HPbF39dxkUjnZvRE3uWRiihFhZFtr2CIJKQawQkWTzlnDAfxvzs17NKjhEfA&google_hm=hmF3pFht5znJGcFr3Q&...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJUNUpg2W5WND3UoIT5X2SJ8yQNnm8Gi7HPbF39dxkUjnZvRE3uWRiihFhZFtr2CIJKQawQkWTzlnDAfxvzs17NKjhEfA&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPJUNUpg2W5WND3UoIT5X2SJ8yQNnm8Gi7HPbF39dxkUjnZvRE3uWRiihFhZFtr2CIJKQawQkWTzlnDAfxvzs17NKjhEfA&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3DAA
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPJcZmHkAG4tDwZfhriXRE0hqvzO9yhOdZXUdBmsjEJZUNFMelQVwaPI95Pmjxx5nezyh1Op7wIO--QBi2_6eXWPwbo...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJcZmHkAG4tDwZfhriXRE0hqvzO9yhOdZXUdBmsjEJZUNFMelQVwaPI95Pmjxx5nezyh1Op7wIO--QBi2_6eXWPwboeex0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJcZmHkAG4tDwZfhriXRE0hqvzO9yhOdZXUdBmsjEJZUNFMelQVwaPI95Pmjxx5nezyh1Op7wIO--QBi2_6eXWPwboeex0
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJcZmHkAG4tDwZfhriXRE0hqvzO9yhOdZXUdBmsjEJZUNFMelQVwaPI95Pmjxx5nezyh1Op7wIO--QBi2_6eXWPwboeex0
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 3DAA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPIrKblLuSrTkcVC5LOmBdXqJ5dueMtUQtPPXl_TerMLPDIcpcr5q2NDpz4Kf4FMW44NFsVuPyBt...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1MzQ0Mzc2MDg2MjAxMjI3OA&google_push=AYg5qPIrKblLuSrTkcVC5LOmBdXqJ5dueMtUQtPPXl_TerMLPDIcpcr5q2NDpz4Kf4FMW44NFsVuPy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1MzQ0Mzc2MDg2MjAxMjI3OA&google_push=AYg5qPIrKblLuSrTkcVC5LOmBdXqJ5dueMtUQtPPXl_TerMLPDIcpcr5q2NDpz4Kf4FMW44NFsVuPyBtiy4XY8xIIVI5AcoxuQw
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTc1MzQ0Mzc2MDg2MjAxMjI3OA&google_push=AYg5qPIrKblLuSrTkcVC5LOmBdXqJ5dueMtUQtPPXl_TerMLPDIcpcr5q2NDpz4Kf4FMW44NFsVuPyBtiy4XY8xIIVI5AcoxuQw
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
b1sync.zemanta.com/usersync/googleadx/ Frame 3DAA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_cver=1&google_push=AYg5qPJewVEtad6I0-143t41woO9M8h8xMbVwRxa_JeaIns4TnfrzqaBajhHYzNrvIRCIImkr90j3ll3Q2vgw...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_push=AYg5qPJewVEtad6I0-143t41woO9M8h8xMbVwRxa_JeaIns4TnfrzqaBajhHYzNrvIRCIImkr90j3ll3Q2vgw...
0
0
pixel
cm.g.doubleclick.net/ Frame 3DAA
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPIt9adKVOrN2B4540sSjH2uKs5laABg-QiE1brPWJ5WwLrsmDRFefDtiDLTbJ1vfYYzFSmWDbUccGkFVTDOYsq4kLVYFpE
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIt9adKVOrN2B4540sSjH2uKs5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIt9adKVOrN2B4540sSjH2uKs5laABg-QiE1brPWJ5WwLrsmDRFefDtiDLTbJ1vfYYzFSmWDbUccGkFVTDOYsq4kLVYFpE&gdpr=&gdpr_consent=
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIt9adKVOrN2B4540sSjH2uKs5laABg-QiE1brPWJ5WwLrsmDRFefDtiDLTbJ1vfYYzFSmWDbUccGkFVTDOYsq4kLVYFpE&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 26 Oct 2021 06:46:48 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3DAA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0G1CC1tq_yecSj-L0AAjEp7RKAS8-KpQ55uqB4cbHeReqEkgbuET-WvAT1Rk2ktA2AOD_
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame D073 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQy6wV6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTgAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGWKqEsnEf2kmQDeG3sfxvmHc24AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=qQglnbLdie8&uach_m=[UACH]&cid=CAQSKQCNIrLMKxT5ybrEb8cyYTU4Cd2RC3GRJwLuF5sUWha21mrD0uODKyK5GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
creative
tracking.m6r.eu/impression/ Frame D073
Redirect Chain
  • https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f69...
  • https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f69...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f693ff9c&adxPrice=YXekVwAGTfwKd7QDAAg7HlHSd4zBZ3J0v3sbLA&sync=adx&target=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca-pub-3282547114800347%26adurl%3D&checkcookies=true
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.251.244.140 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3174e00c2838db0ad4eef9db201439c4f76fa784b2e965e61c3957ebf4f44a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 06:46:48 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Transfer-Encoding
chunked
Connection
close
Content-Type
text/javascript; charset=utf-8

Redirect headers

Location
https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f693ff9c&adxPrice=YXekVwAGTfwKd7QDAAg7HlHSd4zBZ3J0v3sbLA&sync=adx&target=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca-pub-3282547114800347%26adurl%3D&checkcookies=true
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
nginx
Connection
close
Content-Length
1034
Vary
Accept
Content-Type
text/plain; charset=utf-8
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D073 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A180 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44407
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D073 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D073 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D073 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:48 GMT
async_usersync
ib.adnxs.com/ Frame 8143 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0cc1b7de-7714-4546-8c23-35dbb0492630
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame B944 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgr571q15v7a7m59qy5ddyk7ce9dt86px5grcbe5sef7s6jgqq9hxm8a2wt1p7y30yjkjd65pgwmdd0xyc3yvyh24s764srhqzv7yzmefk7paj3z7hd2kac0xpxsjkzbpv2sa0cayp9mc64x47njjdz4ma2svqmksegym8wn03djdmq6bejh108jvz9seev7340mb114rhj6gft0mvvgqh3rdarmy2nxbavz78z6gp1yzybfedrtedje5gnx4wzjqwvvkjqzdp60zvv0c4nqrev2f6074yqy7sswxgg58r3z60djkyjgh8xarn2s5byh50s9c28ch0wc744cxt7ekz92rnd2jhe8wtax5kktq9hbwtj0g5d7fwjd1wkeqeywe13tgf2xxxb3xxvhjwhhaqd81gx46xyd0j1cwgytyk28n3696450&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChp_AV6R3YcTxCfPg7_UP65O_6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9AErV1Ql1r9jSmzKwuoUmFqfykbCvBjnJHMaBbum72TL3ZHxWaAMQN98Q5wSI0FhZ329DPvUhsb_ze_fA7xqZF0MHEKnNtCuo1F2z2nFpHhx3YuHTv8PKth6-EvAgmivOnAx-oukRtcFTVyOaA-o4VatpgNLuJ1S6qgaKWzfeVvdMb6LI9oVj0SrCe5IWrD-UVy5L3QjlkS7RB9Arz7OeZI421aQFrVhaokgtRYbzNamt2bId4ogNLhD9FjZPU1KIg_35tN9UDuC68p_FjtNU-pXlA5asRNnZDqd2Y6F_MfPeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZFhRIXNzi9EZrE1ERMKxdhMM74g%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kgr571q15v7a7m59qy5ddyk7ce9dt86px5grcbe5sef7s6jgqq9hxm8a2wt1p7y30yjkjd65pgwmdd0xyc3yvyh24s764srhqzv7yzmefk7paj3z7hd2kac0xpxsjkzbpv2sa0cayp9mc64x47njjdz4ma2svqmksegym8wn03djdmq6bejh108jvz9seev7340mb114rhj6gft0mvvgqh3rdarmy2nxbavz78z6gp1yzybfedrtedje5gnx4wzjqwvvkjqzdp60zvv0c4nqrev2f6074yqy7sswxgg58r3z60djkyjgh8xarn2s5byh50s9c28ch0wc744cxt7ekz92rnd2jhe8wtax5kktq9hbwtj0g5d7fwjd1wkeqeywe13tgf2xxxb3xxvhjwhhaqd81gx46xyd0j1cwgytyk28n3696450&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChp_AV6R3YcTxCfPg7_UP65O_6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9AErV1Ql1r9jSmzKwuoUmFqfykbCvBjnJHMaBbum72TL3ZHxWaAMQN98Q5wSI0FhZ329DPvUhsb_ze_fA7xqZF0MHEKnNtCuo1F2z2nFpHhx3YuHTv8PKth6-EvAgmivOnAx-oukRtcFTVyOaA-o4VatpgNLuJ1S6qgaKWzfeVvdMb6LI9oVj0SrCe5IWrD-UVy5L3QjlkS7RB9Arz7OeZI421aQFrVhaokgtRYbzNamt2bId4ogNLhD9FjZPU1KIg_35tN9UDuC68p_FjtNU-pXlA5asRNnZDqd2Y6F_MfPeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZFhRIXNzi9EZrE1ERMKxdhMM74g%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411082
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac6c981426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame B944 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kgr571q15v7a7m59qy5ddyk7ce9dt86px5grcbe5sef7s6jgqq9hxm8a2wt1p7y30yjkjd65pgwmdd0xyc3yvyh24s764srhqzv7yzmefk7paj3z7hd2kac0xpxsjkzbpv2sa0cayp9mc64x47njjdz4ma2svqmksegym8wn03djdmq6bejh108jvz9seev7340mb114rhj6gft0mvvgqh3rdarmy2nxbavz78z6gp1yzybfedrtedje5gnx4wzjqwvvkjqzdp60zvv0c4nqrev2f6074yqy7sswxgg58r3z60djkyjgh8xarn2s5byh50s9c28ch0wc744cxt7ekz92rnd2jhe8wtax5kktq9hbwtj0g5d7fwjd1wkeqeywe13tgf2xxxb3xxvhjwhhaqd81gx46xyd0j1cwgytyk28n3696450&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChp_AV6R3YcTxCfPg7_UP65O_6AeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9AErV1Ql1r9jSmzKwuoUmFqfykbCvBjnJHMaBbum72TL3ZHxWaAMQN98Q5wSI0FhZ329DPvUhsb_ze_fA7xqZF0MHEKnNtCuo1F2z2nFpHhx3YuHTv8PKth6-EvAgmivOnAx-oukRtcFTVyOaA-o4VatpgNLuJ1S6qgaKWzfeVvdMb6LI9oVj0SrCe5IWrD-UVy5L3QjlkS7RB9Arz7OeZI421aQFrVhaokgtRYbzNamt2bId4ogNLhD9FjZPU1KIg_35tN9UDuC68p_FjtNU-pXlA5asRNnZDqd2Y6F_MfPeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZFhRIXNzi9EZrE1ERMKxdhMM74g%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69590
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdSiBRuxzNnk7L4i3z6GDRUkWY1U3dh7BuBuoPtp9V%2FVT3970kabew9eI0QVg7Mg3jEnsDlfYhJ0ZglTGImy4wXSnUOmKKv3C%2FFJolKXwVXvzS4oDW9CGdY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac6c984426c-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
async_usersync
ib.adnxs.com/ Frame 2309 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a192a62d-fcc2-482f-8e21-eba073732766
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame A386 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/SLM/sorrelma.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sorrelma.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3976595427479291674; icu=ChgIzYVEEAoYCSAJKAkw18jeiwY4CUAJSAkQ18jeiwYYCA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Wed, 27 Oct 2021 06:46:50 GMT
Date
Tue, 26 Oct 2021 06:46:48 GMT
Connection
keep-alive
Vary
Accept-Encoding
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame E8C2 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gm6enez85w06mzc576yzwzv7x2wrf4tqp1n74z2vhrynrn63c5q7xd2j8a2bcf7pfbkq50ymsn96ah2qqm3c4a23kwxd4tz70scq4y1pp04wytd1b5w4bh3grg9h0ban370h98798v605h106wzh37bvr37fnv165gt6bdk08tpya1wwnsxnvcgm9839xtfz5wj6j0kd1kdrzcnxc6bvnms0qjgnwffez1xfh24vhmcqqmxcy9b7bt3t7v8khj20tc5nn69gnwd9ykd65nyaesbmswa9t7rjadzbzq7z93by5f9p7d6xyy7vtmgnwpx2etp677envz3za1eatmz6njw28k05xr1sg6r3exypkjke7hz6mhcwwm5y36smh8rdg7xnt2yewaap7t0myea66y3bzgsvwes6sjemebvr4cqxq1ctr8sm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUZnV6R3Yc6cDNuV9u8P1Yy8wAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCxZ8zjLd3sz7gAgCoAwGqBOIBT9AMCdT9u9QnbG2tkd_t-FYEUcG47LLumiVf5hGgjqjMuaUvBuk-F1yk9mVRYUnY8yXWUN-HDL5MPF6gvcr2mXsLUdM48BLhPiaFhpco9AwCNuquI5nAczu9_Bnnev53HbXUixcyrfmDmzh31kKoCSZTsBmJPnF6k08SRpaPtf0q7215f24QhQDYxxMfsaSJjq8YHUn5wlMeQflBSUEZ6LUklbxcZdt6helP-lKHH1yORvbm2SRCZw6S1g54N3k4kbfoa9PWyGmDL5N89xl5Jho5IpiUaAjNHmAYD94kba0XJeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11xDzdiv0bdbQ5P9nTh0na6bERVA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gm6enez85w06mzc576yzwzv7x2wrf4tqp1n74z2vhrynrn63c5q7xd2j8a2bcf7pfbkq50ymsn96ah2qqm3c4a23kwxd4tz70scq4y1pp04wytd1b5w4bh3grg9h0ban370h98798v605h106wzh37bvr37fnv165gt6bdk08tpya1wwnsxnvcgm9839xtfz5wj6j0kd1kdrzcnxc6bvnms0qjgnwffez1xfh24vhmcqqmxcy9b7bt3t7v8khj20tc5nn69gnwd9ykd65nyaesbmswa9t7rjadzbzq7z93by5f9p7d6xyy7vtmgnwpx2etp677envz3za1eatmz6njw28k05xr1sg6r3exypkjke7hz6mhcwwm5y36smh8rdg7xnt2yewaap7t0myea66y3bzgsvwes6sjemebvr4cqxq1ctr8sm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUZnV6R3Yc6cDNuV9u8P1Yy8wAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCxZ8zjLd3sz7gAgCoAwGqBOIBT9AMCdT9u9QnbG2tkd_t-FYEUcG47LLumiVf5hGgjqjMuaUvBuk-F1yk9mVRYUnY8yXWUN-HDL5MPF6gvcr2mXsLUdM48BLhPiaFhpco9AwCNuquI5nAczu9_Bnnev53HbXUixcyrfmDmzh31kKoCSZTsBmJPnF6k08SRpaPtf0q7215f24QhQDYxxMfsaSJjq8YHUn5wlMeQflBSUEZ6LUklbxcZdt6helP-lKHH1yORvbm2SRCZw6S1g54N3k4kbfoa9PWyGmDL5N89xl5Jho5IpiUaAjNHmAYD94kba0XJeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11xDzdiv0bdbQ5P9nTh0na6bERVA%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411082
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac6d9ab426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame E8C2 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gm6enez85w06mzc576yzwzv7x2wrf4tqp1n74z2vhrynrn63c5q7xd2j8a2bcf7pfbkq50ymsn96ah2qqm3c4a23kwxd4tz70scq4y1pp04wytd1b5w4bh3grg9h0ban370h98798v605h106wzh37bvr37fnv165gt6bdk08tpya1wwnsxnvcgm9839xtfz5wj6j0kd1kdrzcnxc6bvnms0qjgnwffez1xfh24vhmcqqmxcy9b7bt3t7v8khj20tc5nn69gnwd9ykd65nyaesbmswa9t7rjadzbzq7z93by5f9p7d6xyy7vtmgnwpx2etp677envz3za1eatmz6njw28k05xr1sg6r3exypkjke7hz6mhcwwm5y36smh8rdg7xnt2yewaap7t0myea66y3bzgsvwes6sjemebvr4cqxq1ctr8sm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQUZnV6R3Yc6cDNuV9u8P1Yy8wAqQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCxZ8zjLd3sz7gAgCoAwGqBOIBT9AMCdT9u9QnbG2tkd_t-FYEUcG47LLumiVf5hGgjqjMuaUvBuk-F1yk9mVRYUnY8yXWUN-HDL5MPF6gvcr2mXsLUdM48BLhPiaFhpco9AwCNuquI5nAczu9_Bnnev53HbXUixcyrfmDmzh31kKoCSZTsBmJPnF6k08SRpaPtf0q7215f24QhQDYxxMfsaSJjq8YHUn5wlMeQflBSUEZ6LUklbxcZdt6helP-lKHH1yORvbm2SRCZw6S1g54N3k4kbfoa9PWyGmDL5N89xl5Jho5IpiUaAjNHmAYD94kba0XJeAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_11xDzdiv0bdbQ5P9nTh0na6bERVA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69590
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgm%2BvINtBrXjcNpfilkhiyd6Y%2FUYztxZbXiYT1VBo3L%2Bwsp7Mq2F%2F3x04PeOnwOTNcyWm2wbxzHxVNz8KJBQHmrgzzQYE0taK2oTqzL%2BSCmqrzAMYWDhy%2Bc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac6d9b0426c-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
frame.html
ad4m.at/ Frame 3ED1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015224
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwCYW98JDKkbSd706VMloIMymU8yflCDdTBVrBfyer1NMPqUMwXSwXcYLLWi%2B7o5wuuUMAyShxVvQNxWnmLH4HHwN%2Fxdf6g0VOcCv7yCzduVj6r5fttyKCg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bac6d9ad426c-AMS
content-encoding
br
async_usersync
ib.adnxs.com/ Frame 93CE 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fbd891b9-f690-4fe1-98f1-97dc898545ef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
frame.html
ad4m.at/ Frame 32BA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015224
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgPO6kZqVzRy5oSMystEwcM8mbXvF6%2FUmMYG4yZwJpfi%2BGtTqD0npQ9xR46eCnkpen1bPC1NY29WXwdAaQ9NWz3KOD0fswZb9QLLcBSx2GeCjERktpaRhRk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bac6d9b7426c-AMS
content-encoding
br
integrator.js
adservice.google.de/adsid/ Frame 9940 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9940 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9940 		55 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1063323530164287&correlator=3020711409702168&output=ldjh&impl=fif&eid=31063136%2C31063272%2C21068030%2C21068766&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&prev_scp=hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D373c51e5bca96d%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D373c51e5bca96d%26hb_bidder%3Dappnexus&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230808&dt=1635230808130&dlt=1635230804605&idt=2176&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=k27z98h3olyp&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=619093451.1635230807&ga_sid=1635230807&ga_hid=219653584&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a1c0f40e229c0b8fe57814d79102dea0f892e053967f66783f67b9c035f278d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17172
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C4DC 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8d58c751f457783137834d253633dbaebcce59931c18ad5a6dcc8b3c9bd328df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8469
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DAE0 		0
0
container.html
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B28 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8EA1 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b7e5c41694a58d2c18eefa4d7897bdc10568fc3fc634d4d2c67f30ef732724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8626
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame F72C 		0
0
container.html
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FBAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
adview
securepubads.g.doubleclick.net/pagead/ Frame 3729 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKgKHVqR3Yeb2N-rO7_UP67qk6ASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBN8BT9CLz3T7jhPROwYIB7xf7mWZbEokXOXH9mDRNKfJQbr8-CSq9qzWVgiOIEjefdBxLOVFPyYAy437YSJqQ4sMCAchNs-sAYPQXpBdLZzkBZOJ2pi2nJZ95z-ad6S28gp-614MbhF-MIXbUY8HIPAjcm1xCNCAoTlAK8ts9rj3qArp4fIHqjJ0AS-BB2DNp9SqfNRlRs26Nmaxn0-70QDjdkFCzBBWNAKEdAw2-nWZ1_qhtQXiR4DlHdu-GrUoZ9hyL_qcGRFQYg71deTuuZp97VY-8JmWHdu0RICZUPmYl-AEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=NgUPWALoUSY&uach_m=[UACH]&cid=CAQSKQCNIrLMNUfhnsAGBh_n0-S1u5Sci-aGLJcr7RHgHLQgyomXVm5cZfdUGAE&cbvp=2&vis=1
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3729 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hx4grwmk3z67pvw28tz5xdrma06xztf5rm92tcccsxevg8fs5080fbkfp4gd92x1p8zsqa9frds84fhmmmpr9c5mmzkajbjss5ge91vjnzkfv8ng0xv38s8acycv72zhemmeqtxjq8j2zyrhw622dke4hfb7anzq2rxvna5k5dns7w7dsw98bx9j4atwsrpx75yayqrjf7whzm9tqffxfkr1qeygedm86dbn0v62x5vma9yq00gtdg7ryhpny435n8xzpsapd0fpazqrh5x6my8ykd4mp272v6mgvh6zra597x20vcd92jz7bpkdqc655j628z8hcbz0dnrcf2edzv4vfbzjvy56k5j9n4ygcwky249zjt0cbfkkeewyd6kqdtwkyjaayspfpg9&b=YXekVgAN-2YIu-dqAAkda08Oh2UXX5TOqsA0hw&cbvp=2
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4AA8
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAkOKuOR3K6tNpRJJ7V33yg&google_cver=1&google_push=AYg5qPLkrtB8frq5Di0TipK14f7nXeW-x-7Jd_-WXJdefyuro5M8OVLaAVZiu_XzDlxAvreg2woDVJnLJaO-QDfq...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2lwVZhISqKBQ7mvRMIVMg2&google_push=AYg5qPLkrtB8frq5Di0TipK14f7nXeW-x-7Jd_-WXJdefyuro5M8OVLaAVZiu_XzDlxAvreg2woDVJnLJaO-QDfqyKa9TIo_Rg-Qvg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2lwVZhISqKBQ7mvRMIVMg2&google_push=AYg5qPLkrtB8frq5Di0TipK14f7nXeW-x-7Jd_-WXJdefyuro5M8OVLaAVZiu_XzDlxAvreg2woDVJnLJaO-QDfqyKa9TIo_Rg-Qvg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=M2lwVZhISqKBQ7mvRMIVMg2&google_push=AYg5qPLkrtB8frq5Di0TipK14f7nXeW-x-7Jd_-WXJdefyuro5M8OVLaAVZiu_XzDlxAvreg2woDVJnLJaO-QDfqyKa9TIo_Rg-Qvg
x-host
tde-deliveryengine-production-7f8fcb5db4-fz9pv
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4AA8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEMrX5n7ZyXDEVy7z6rZYg&google_cver=1&google_push=AYg5qPJmW3Cfh2Pb47vvC4B0SP5m8xdF0Fd8o9KU3P4gGiY9_oPos9IxuyB9S4FC5EhGEHHHizrkHe9p09zkwBBDC5T4Q2o...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJmW3Cfh2Pb47vvC4B0SP5m8xdF0Fd8o9KU3P4gGiY9_oPos9IxuyB9S4FC5EhGEHHHizrkHe9p09zkwBBDC5T4Q2oOMc1Vnw&google_hm=MTQwMzA3NjkyMzcyMjc3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJmW3Cfh2Pb47vvC4B0SP5m8xdF0Fd8o9KU3P4gGiY9_oPos9IxuyB9S4FC5EhGEHHHizrkHe9p09zkwBBDC5T4Q2oOMc1Vnw&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJmW3Cfh2Pb47vvC4B0SP5m8xdF0Fd8o9KU3P4gGiY9_oPos9IxuyB9S4FC5EhGEHHHizrkHe9p09zkwBBDC5T4Q2oOMc1Vnw&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 4AA8
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPL68budzDjznQ7MIY3TsSJdYTwA52AQdAcZGS3-Hdk35IiHgutcw6Uk5Hrc5Ap5g...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL68budzDjznQ7MIY3TsSJdYTwA52AQdAcZGS3-Hdk35IiHgutcw6Uk5Hrc5Ap5gldde2FynyjBKI-2WSiIKuf03N9IkvWD&google_hm=QXVIYXNLeWlUeDR3R19QZzAx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL68budzDjznQ7MIY3TsSJdYTwA52AQdAcZGS3-Hdk35IiHgutcw6Uk5Hrc5Ap5gldde2FynyjBKI-2WSiIKuf03N9IkvWD&google_hm=QXVIYXNLeWlUeDR3R19QZzAxSXhxeGc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPL68budzDjznQ7MIY3TsSJdYTwA52AQdAcZGS3-Hdk35IiHgutcw6Uk5Hrc5Ap5gldde2FynyjBKI-2WSiIKuf03N9IkvWD&google_hm=QXVIYXNLeWlUeDR3R19QZzAxSXhxeGc=
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
exptsync
ads.yieldmo.com/ Frame 4AA8 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEE4xiGVSR6kA1ezI2Ldeuzo&google_cver=1&google_push=AYg5qPJbqcgAm76Tha_S95_mTFimh_j4HOp2udrkvDOBSSHUniSBr-o0Z7kHrhQSJNZqT0BlAmnTtZ-SVkt3H_hg2GtQK80V5DL6
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.74.33 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
pixel
cm.g.doubleclick.net/ Frame 4AA8
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEPe_uP3BEH3eKSn9P3DFk38&google_cver=1&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA...
0
0
sync
rtb2-useast.e-volution.ai/ Frame 4AA8 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPo6yGcdmiUzINuffssJ57M&google_cver=1&google_push=AYg5qPK86kEQqf7DMKkpgpur9d5ppkZzdVJEVuKTF3ED4FDUK-WbLFKBbsa6pGU4P4Z_DicVUX3-P1-ERuuxVPNaosPH25WNLWcI2Xg
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 4AA8
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEG0vBDR4lGTixmo8MAvRtQc&google_cver=1&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaT...
  • https://sm.rtb.mts.ru/match/second?ssp=12&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaTrloS7hRzo-0QHc&exu=CAESEG0vBDR4lGTixmo8MAvRtQc
  • https://tech.rtb.mts.ru/?dsp_uid=40c407a6-02d6-4fb7-885d-9368f0fcea3c&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D40c407a6-02d6-4fb7-885d-9368f0fcea3c%26g...
  • https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=40c407a6-02d6-4fb7-885d-9368f0fcea3c&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTma...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=40c407a6-02d6-4fb7-885d-9368f0fcea3c&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaTrloS7hRzo-0QHc
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=40c407a6-02d6-4fb7-885d-9368f0fcea3c&google_push=AYg5qPKfsgWtfZRIrNrNANOiimdGgePnyYglolgGMbIQ5TmFu1imk8iDnEgbUWgjKaWAULYOL9g_SPCOwoahUTmaTrloS7hRzo-0QHc
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
attr
cm.g.doubleclick.net/pixel/ Frame 4AA8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbW62yfcOTslFaSRw4RmO7_BxN2MH3jUcIeX1P76fdXwTJikse0714H5vjN7Qle0Dzs7jtCvY
Requested by
Host: 9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
URL: https://9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9B0F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJtMei8Ek6WhrpiwwuYLpgK8gzJYRNiNPJFlBd0oNS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJtMei8Ek6WhrpiwwuYLpgK8gzJYRNiNPJFlBd0oNS0kGKbh0qANdWQpKBzD-u5C0GHfCQiMxreRgin-di1a5WbOxTMYBio
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJtMei8Ek6WhrpiwwuYLpgK8gzJYRNiNPJFlBd0oNS0kGKbh0qANdWQpKBzD-u5C0GHfCQiMxreRgin-di1a5WbOxTMYBio
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9B0F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKhfKQ6oRdfnCBMCuWY7QqM&google_cver=1&google_push=AYg5qPKioXp5jwEEXRdKyVpCCko-_Y-dDNOmhKtvlpYf2x0n6qs6XG7H2lWPggod5bTUk2C71BvK7WdV079CLoRC...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L6Rhd6RXQwC91ELUV_tyvA&google_push=AYg5qPKioXp5jwEEXRdKyVpCCko-_Y-dDNOmhKtvlpYf2x0n6qs6XG7H2lWPggod5bTUk2C71BvK7WdV079CLoRCiHJhgNZx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L6Rhd6RXQwC91ELUV_tyvA&google_push=AYg5qPKioXp5jwEEXRdKyVpCCko-_Y-dDNOmhKtvlpYf2x0n6qs6XG7H2lWPggod5bTUk2C71BvK7WdV079CLoRCiHJhgNZxL_fv
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=L6Rhd6RXQwC91ELUV_tyvA&google_push=AYg5qPKioXp5jwEEXRdKyVpCCko-_Y-dDNOmhKtvlpYf2x0n6qs6XG7H2lWPggod5bTUk2C71BvK7WdV079CLoRCiHJhgNZxL_fv
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 26 Oct 2021 06:46:47 GMT
pixel
cm.g.doubleclick.net/ Frame 9B0F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGNTg8Zk214pK5XCX5Z5jhU&google_cver=1&google_push=AYg5qPI_hJtlfCjocm2ycuYjCpCpLHpLo3FEOYxWycKVFJTdaXoLMtHiQWZ2PG1bsWwbhbeWbZLObwO0D_pZWh...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzI2Mjg0MTc3MTk4MDkzOQ%3D%3D&google_push=AYg5qPI_hJtlfCjocm2ycuYjCpCpLHpLo3FEOYxWycKVFJTdaXoLMtHiQWZ2PG1bsWwbhbeWbZLObwO0D_pZWhimxd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzI2Mjg0MTc3MTk4MDkzOQ%3D%3D&google_push=AYg5qPI_hJtlfCjocm2ycuYjCpCpLHpLo3FEOYxWycKVFJTdaXoLMtHiQWZ2PG1bsWwbhbeWbZLObwO0D_pZWhimxd4Qe99_0ce_
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzI2Mjg0MTc3MTk4MDkzOQ%3D%3D&google_push=AYg5qPI_hJtlfCjocm2ycuYjCpCpLHpLo3FEOYxWycKVFJTdaXoLMtHiQWZ2PG1bsWwbhbeWbZLObwO0D_pZWhimxd4Qe99_0ce_
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
gcm
a.c.appier.net/ Frame 9B0F 		0
0
pixel
cm.g.doubleclick.net/ Frame 9B0F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKgHrq6R5LT4cUsThnDE4gE&google_cver=1&google_push=AYg5qPL4H12NMT65aRZVFuk12fhMHlcXvN-xMEUQOPbU5becIqx1mmbuuWWmaNLZo2qoHnBw1ZJDG-uLEGQI2kl...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPL4H12NMT65aRZVFuk12fhMHlcXvN-xMEUQOPbU5becIqx1mmbuuWWmaNLZo2qoHnBw1ZJDG-uLEGQI2k...
0
0
/
cc.adingo.jp/adx/push/ Frame 9B0F 		0
0
pixel
cm.g.doubleclick.net/ Frame 9B0F
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMJq9upkybf00gaAWM7QgVI&google_cver=1&google_push=AYg5qPLsFYzp9bZ8RwSmGYVIs_AeS-vDBDHBNoGydkuxeJ6uYunwu1tRTUpZIavYeta-vFJROFFfBgoVBzkGLjV-hntso4b...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLsFYzp9bZ8RwSmGYVIs_AeS-vDBDHBNoGydkuxeJ6uYunwu1tRTUpZIavYeta-vFJROFFfBgoVBzkGLjV-hntso4bBJkbV&google_hm=Mjg5NTI0NzE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLsFYzp9bZ8RwSmGYVIs_AeS-vDBDHBNoGydkuxeJ6uYunwu1tRTUpZIavYeta-vFJROFFfBgoVBzkGLjV-hntso4bBJkbV&google_hm=Mjg5NTI0NzE5MDQwMDEwMjYwOQ==
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLsFYzp9bZ8RwSmGYVIs_AeS-vDBDHBNoGydkuxeJ6uYunwu1tRTUpZIavYeta-vFJROFFfBgoVBzkGLjV-hntso4bBJkbV&google_hm=Mjg5NTI0NzE5MDQwMDEwMjYwOQ==
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame 9B0F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3JUfDqsISSqZNoDsfZv83X-y2syx6c2EtLyd4kyHio44RfWH2uROu7Js4OscrndbwVBcgNQ
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4336
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAkOKuOR3K6tNpRJJ7V33yg&google_cver=1&google_push=AYg5qPIadxOP_yMTq758SIM1Rr2P50mWCp5ueZJqGMYqZ_3eA0JxqcDyWYpgsh3Smjjur5edbX7bht3wHFbKOX7h...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPIadxOP_yMTq758SIM1Rr2P50mWCp5ueZJqGMYqZ_3eA0JxqcDyWYpgsh3Smjjur5edbX7bht3wHFbKOX7hWxsqvIkvfU4T
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPIadxOP_yMTq758SIM1Rr2P50mWCp5ueZJqGMYqZ_3eA0JxqcDyWYpgsh3Smjjur5edbX7bht3wHFbKOX7hWxsqvIkvfU4T
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPIadxOP_yMTq758SIM1Rr2P50mWCp5ueZJqGMYqZ_3eA0JxqcDyWYpgsh3Smjjur5edbX7bht3wHFbKOX7hWxsqvIkvfU4T
x-host
tde-deliveryengine-production-7f8fcb5db4-fz9pv
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4336
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfi...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfi...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfioAl6jugZU_BaFl_yfz&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfioAl6jugZU_BaFl_yfz&google_hm=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLbGQCWRQQtpBoLWy8jVFzheH_55DRD-sIw7RtmCsZpgbev2SQupv5awpa34mSnyDGI2tf5c1uWfioAl6jugZU_BaFl_yfz&google_hm=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 4336
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPKVBQ6-NKHB2xCFIVK-KW06OOmLZuFXHaHaHF_6cD8jDoZEoyyUGNfcbYoGdF5qR...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKVBQ6-NKHB2xCFIVK-KW06OOmLZuFXHaHaHF_6cD8jDoZEoyyUGNfcbYoGdF5qR9vz0lcaXkYwYkYDONJ9ltiqcfQ1tB6wNQ&google_hm=QURCaDhjdEltYnUtWncyTE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKVBQ6-NKHB2xCFIVK-KW06OOmLZuFXHaHaHF_6cD8jDoZEoyyUGNfcbYoGdF5qR9vz0lcaXkYwYkYDONJ9ltiqcfQ1tB6wNQ&google_hm=QURCaDhjdEltYnUtWncyTE5CSTFoR3c=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKVBQ6-NKHB2xCFIVK-KW06OOmLZuFXHaHaHF_6cD8jDoZEoyyUGNfcbYoGdF5qR9vz0lcaXkYwYkYDONJ9ltiqcfQ1tB6wNQ&google_hm=QURCaDhjdEltYnUtWncyTE5CSTFoR3c=
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 4336
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKE0YotPDqoy_b5nplnnndA&google_cver=1&google_push=AYg5qPKa0f8t8R01nHKDv9BBdZRdqIjn9GFe652cle5Vt7sz-YLgkEyN3nn_ZsU1CjrVNerZe6cv_lNOmFggY78-...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKa0f8t8R01nHKDv9BBdZRdqIjn9GFe652cle5Vt7sz-YLgkEyN3nn_ZsU1CjrVNerZe6cv_lNOmFggY78-khLcONKBBNUvcA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKa0f8t8R01nHKDv9BBdZRdqIjn9GFe652cle5Vt7sz-YLgkEyN3nn_ZsU1CjrVNerZe6cv_lNOmFggY78-khLcONKBBNUvcA
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKa0f8t8R01nHKDv9BBdZRdqIjn9GFe652cle5Vt7sz-YLgkEyN3nn_ZsU1CjrVNerZe6cv_lNOmFggY78-khLcONKBBNUvcA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
v0I59Jp09yFLkkznFyrmi22X5FioVhY4SvZB5-RJ0oc3Fiv8N1tbOA==
pixel
cm.g.doubleclick.net/ Frame 4336
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uR...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM66GmbMBecl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM66GmbMBeclqdJv5aVPfb96Ky2oF2vNgP_LlTGR8TMHn8F1k
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPIs1AR6eRnddqp-YQPus1WZfXG90JKtfqbNfsKlIMLytnv-uRsM66GmbMBeclqdJv5aVPfb96Ky2oF2vNgP_LlTGR8TMHn8F1k
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4336
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMLGW_0MN4VBTVnKkphQUNU&google_cver=1&google_push=AYg5qPK9X9VwtxjenOpbCIXyCnoBDIuPFqxi7cvcitB9l2LxFHTpQOUpBRHttuZU3GhlaYYPYg...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPK9X9VwtxjenOpbCIXyCnoBDIuPFqxi7cvcitB9l2LxFHTpQOUpB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPK9X9VwtxjenOpbCIXyCnoBDIuPFqxi7cvcitB9l2LxFHTpQOUpBRHttuZU3GhlaYYPYgC6IHQSrYTEGFi7tN0qvQpgb7QdzKc
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPK9X9VwtxjenOpbCIXyCnoBDIuPFqxi7cvcitB9l2LxFHTpQOUpBRHttuZU3GhlaYYPYgC6IHQSrYTEGFi7tN0qvQpgb7QdzKc
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4336
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEI7BYT8ZsyUKrG7FJ7UFZ5w&google_cver=1&google_push=AYg5qPKWrbfFrFWEsiZhb0P3bBbSoHqhIWtstEJheLiOojheQv2zZvE_UTz9fQC3oGjx58ThYkr5NjAMZLZqDfdlU...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGJlMDMyNWYtOGY3MC00ZDMyLWIwMWItZDg5YjI4OTllNmRk&google_push=AYg5qPKWrbfFrFWEsiZhb0P3bBbSoHqhIWtstEJheLiOojheQv2zZvE_UTz9fQC3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGJlMDMyNWYtOGY3MC00ZDMyLWIwMWItZDg5YjI4OTllNmRk&google_push=AYg5qPKWrbfFrFWEsiZhb0P3bBbSoHqhIWtstEJheLiOojheQv2zZvE_UTz9fQC3oGjx58ThYkr5NjAMZLZqDfdlUUvqwvy0oTmqM58
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=OGJlMDMyNWYtOGY3MC00ZDMyLWIwMWItZDg5YjI4OTllNmRk&google_push=AYg5qPKWrbfFrFWEsiZhb0P3bBbSoHqhIWtstEJheLiOojheQv2zZvE_UTz9fQC3oGjx58ThYkr5NjAMZLZqDfdlUUvqwvy0oTmqM58
date
Tue, 26 Oct 2021 06:46:48 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4336 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-xFN4uFUgkHBny0X9_025rjLotvMKzlVUpS2i3BdMD3V0HCVcHUDIYo_FJGKLxv3W1U3lXagA
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame 7086 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e3da36aa-18b6-4f3f-aecd-bb2aea74994c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DF12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBzq7V6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE3wFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmQ5sxoKa_lGd5FChMAmAWz00r4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=xTWVTeoyo6c&uach_m=[UACH]&cid=CAQSKQCNIrLMRjJa9AwrL2ySUuHVqYhZLjxQuHifP2CVOfKIdbDhDL-zgg-oGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame DF12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hmzs7n0saz5rj4msyq4cyeb4h786080c0q5dp8fgez3jfcgk3e62rb0wp35gqcp6dx2thdavfgfy1qa5temd8zhejsebtjvkvnstt1c6aqgtjszjfvh9zx8m2ebahhecwrgt7g1abs2w7hpd0v1pyg9t50bznavvr8d8qtgj3qjc9fyav5g151s6dtx0jmd6v16ww9dd4vrjnt5xmw0krnbzw85afbysms2g529erm7k51bb97g7hrx73tzjda7dwn1099bf5xmjsv6epb0p6s3mx1w9z6d9pwyaq5sefpts28v77gg91hfaemvnv7e7rvxhyx54vnyxy7wkp954eca9zy3va8ejeh1mjr1k681c0sd05va4221pqnnbqvhsvtzcs0m70&b=YXekVwAJ5kIKd_YFAAAr7iECAmASme36vGFTDg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 2951 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9706c1c3c631aa7f63196da4b35852a4984b7d6bd8407f83ac501180c4ade3b0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac7dbac426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DF12 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D1E6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44407
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame DF12 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DF12 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF12 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:48 GMT
frame.html
ad4m.at/ Frame 50B1 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015224
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyoim6USOdjhsF0gQX0HLprz4sDsX0Xl6xBXKtb7L2VkdOKrVnVm5TAFAqKyOwBcPKNdgjwaenlLhcuwOawXTim1q7jBuFwa17Cxvt1cTTUEov6n0WN4M8w%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bac7ebdc426c-AMS
content-encoding
br
frame.html
ad4m.at/ Frame 0C36 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015224
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BDszwhj4hy0TqXGvwAOsHUtSUOfMItfTT3To3PkozbS4TVbgSFj96jJvYPAUE626%2FHFiZSdIvKFe20hPCPFe1rGDgoJQgI7lqE5znplIrNfzlEtUs1cvBg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bac80c1a426c-AMS
content-encoding
br
integrator.js
adservice.google.de/adsid/ Frame 7893 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7893 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7893 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2143231000418624&correlator=4448832282127279&output=ldjh&impl=fif&eid=31063272&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230808&dt=1635230808310&dlt=1635230804611&idt=2489&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=2elmy55f0sq6&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=901358038.1635230806&ga_sid=1635230806&ga_hid=1652268948&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
71138f095af89cc7dc457ab7d298d1c591944e5b4cf4061d12edd614528c254e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10162
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2E73 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4d33b318991e3377aacb24f4f641a4e133d4433d7b0e61f0bbe2fee20abd1f1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8439
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 70AD 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4543dcce-96f5-4e09-8f92-d96d8adab0d7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 646F 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a7a05f55-7e96-4e2b-9956-578aa6432a8a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C4DC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8EA1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:48 GMT
integrator.js
adservice.google.de/adsid/ Frame BAB5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BAB5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BAB5 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=556060901943839&correlator=740300869148087&output=ldjh&impl=fif&eid=31063263%2C21068110%2C21065725%2C31062526%2C44748552&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230808&dt=1635230808366&dlt=1635230804643&idt=2200&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=nrykcl6g968a&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1035855769.1635230807&ga_sid=1635230807&ga_hid=582278695&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1d0bf89dff246831b5859a6777c8f11e3a48ed2f23bf6b4bc3b4778b1281e7ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10361
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1EE1 		0
0
container.html
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9F5F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9C7C 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1997c9e367340679136114a8c59155a3cf2c6746bbaad85cbac72885b3a1d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8506
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 9885 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jrsf3e0hyw39e401ecydtndakj74mnddzxws2dvm1n2ky99p9wh0mfsayydksmapt1q0eyagxfaehbd58hkzn80tg3jk3a9819n7vs2jdzr89njwr75zs4344mvfc49dbd4dsrjz7q3bq35dhy4caxmt4mmh6x15nym8qtysm7vgft53mf74z1ppcfe9k0smh20dvdxmzcj8s8y2cx931xsg6nvysbk0bk1p7xc4ceqqj1sz63cah1rnwg7ny3d19j70gsh517vx2d1d13da54cx4r6tjt7jt0gx9v7j39s70fcysatp39c1andh6kmgakh18p3vs872vynxxng474hjrans2v73vfb9x41hytdrgz96rs09ebe5cd90dbrbg70geapckv9ky2t1f5w3nrvk7hej7vbmkbtk0et0awaghh3acg9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpJ_3V6R3YaTjGuWV9u8Po-awwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9A-cU5EYiv9OwCr-Mons8ROEq4l3iyF1wTXtV1GBuH6pqKcS4mPy1rWKaIqtpYQpOGxJlsM0Wfd_pERa9IHyLMXrpf2NIZ7G404YsHZ4g6vT7NVU-TZYXhmYxp-iGpSbztjq6W3SUeZjg6V9mZCDq5gVSVjuCoYIS22J-r_rupU7mOCbhRqhUtkl3x96lZyJxMgnuMcpHuGB_Xz6K_GiJO5C4D_J_ddjXncoC2drBVy8hxB0mX3tqDpoqFuYStbIXPZOX86l8uokGEZn1DuExkRlrdOG9pmaFuKlDeEzyYkvuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fw4LrM6Zx0CEzTi8qrS34XndUKQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jrsf3e0hyw39e401ecydtndakj74mnddzxws2dvm1n2ky99p9wh0mfsayydksmapt1q0eyagxfaehbd58hkzn80tg3jk3a9819n7vs2jdzr89njwr75zs4344mvfc49dbd4dsrjz7q3bq35dhy4caxmt4mmh6x15nym8qtysm7vgft53mf74z1ppcfe9k0smh20dvdxmzcj8s8y2cx931xsg6nvysbk0bk1p7xc4ceqqj1sz63cah1rnwg7ny3d19j70gsh517vx2d1d13da54cx4r6tjt7jt0gx9v7j39s70fcysatp39c1andh6kmgakh18p3vs872vynxxng474hjrans2v73vfb9x41hytdrgz96rs09ebe5cd90dbrbg70geapckv9ky2t1f5w3nrvk7hej7vbmkbtk0et0awaghh3acg9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpJ_3V6R3YaTjGuWV9u8Po-awwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9A-cU5EYiv9OwCr-Mons8ROEq4l3iyF1wTXtV1GBuH6pqKcS4mPy1rWKaIqtpYQpOGxJlsM0Wfd_pERa9IHyLMXrpf2NIZ7G404YsHZ4g6vT7NVU-TZYXhmYxp-iGpSbztjq6W3SUeZjg6V9mZCDq5gVSVjuCoYIS22J-r_rupU7mOCbhRqhUtkl3x96lZyJxMgnuMcpHuGB_Xz6K_GiJO5C4D_J_ddjXncoC2drBVy8hxB0mX3tqDpoqFuYStbIXPZOX86l8uokGEZn1DuExkRlrdOG9pmaFuKlDeEzyYkvuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fw4LrM6Zx0CEzTi8qrS34XndUKQ%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411082
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bac8ad57426c-AMS
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame 9885 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jrsf3e0hyw39e401ecydtndakj74mnddzxws2dvm1n2ky99p9wh0mfsayydksmapt1q0eyagxfaehbd58hkzn80tg3jk3a9819n7vs2jdzr89njwr75zs4344mvfc49dbd4dsrjz7q3bq35dhy4caxmt4mmh6x15nym8qtysm7vgft53mf74z1ppcfe9k0smh20dvdxmzcj8s8y2cx931xsg6nvysbk0bk1p7xc4ceqqj1sz63cah1rnwg7ny3d19j70gsh517vx2d1d13da54cx4r6tjt7jt0gx9v7j39s70fcysatp39c1andh6kmgakh18p3vs872vynxxng474hjrans2v73vfb9x41hytdrgz96rs09ebe5cd90dbrbg70geapckv9ky2t1f5w3nrvk7hej7vbmkbtk0et0awaghh3acg9c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpJ_3V6R3YaTjGuWV9u8Po-awwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9A-cU5EYiv9OwCr-Mons8ROEq4l3iyF1wTXtV1GBuH6pqKcS4mPy1rWKaIqtpYQpOGxJlsM0Wfd_pERa9IHyLMXrpf2NIZ7G404YsHZ4g6vT7NVU-TZYXhmYxp-iGpSbztjq6W3SUeZjg6V9mZCDq5gVSVjuCoYIS22J-r_rupU7mOCbhRqhUtkl3x96lZyJxMgnuMcpHuGB_Xz6K_GiJO5C4D_J_ddjXncoC2drBVy8hxB0mX3tqDpoqFuYStbIXPZOX86l8uokGEZn1DuExkRlrdOG9pmaFuKlDeEzyYkvuAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0fw4LrM6Zx0CEzTi8qrS34XndUKQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=VMZk9g==, md5=8Dl88jIeakD66NOc9V2ZFw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69590
x-guploader-uploadid
ADPycdvNXhwiNu4xoVcJ42hilSPIRHALD7zD5Hf3wtHCPbX6ILgZz8gfHXg0sthzsTHAmQVME6-SSYz3rohz56QK4Uc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:36 GMT
server
cloudflare
etag
W/"f0397cf2321e6a40fae8d39cf55d9917"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oB6w%2FrL0VP3Qihce3TWTRBcu79bEzyFROFiRanPUYangpZx9briVmIlM044xLYihUy31ZP6pgir7hvizNL8HVorQ1xPr45dfkBp4SQStyI%2FBwFgOiJAWyMw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729196057447
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11922
cf-ray
6a41bac8ad59426c-AMS
expires
Mon, 25 Oct 2021 11:26:58 GMT
frame.html
ad4m.at/ Frame AFBA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015224
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsn1e6xlSdnB9yRlwYEWIy1slWgPe27N4SpjTsy3R%2BzHsommcTqdgiF5Xu3G3cnNcvImbRirjZhlWwAG2Gx8UyFuSFZgvJDzY7uzdtX6Nbe6RhcLSAANjOY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bac8ad5d426c-AMS
content-encoding
br
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2E73 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:48 GMT
frame.html
ad4m.at/ Frame ED02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015224
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6uKj5ne%2BBWl0HpJqcyOLPcNFKyhtUri6nr2G27rOcYgvow4w7Lo%2FbQSeDqK4DxOhCVboj1WoYgydYOSQqeyIc1JJ5WTZWl1EBzGvQQrYV3ilTf0kuYZX1w%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bac8cdc5426c-AMS
content-encoding
br
frame.html
ad4m.at/ Frame 9EF3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:48 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015224
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5LNf5WRSEDfkkrG2GtDcKkDXYdAzsOahyFqKYKiFzUISoqdnEK8LBJX5dgJC4ZCNIZluqfenGd9j%2Fd2u1ZhCPhibcC0yZ1%2BE2gqR27ws1lJUcusvHFpxRc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bac8cdc9426c-AMS
content-encoding
br
integrator.js
adservice.google.de/adsid/ Frame 9C7C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9C7C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9C7C 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2094331154805026&correlator=70805380011475&output=ldjh&impl=fif&eid=31063136%2C31063214%2C31063263%2C31062524%2C31063139&vrg=2021102101&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230808&dt=1635230808440&dlt=1635230804634&idt=2485&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=212t0ckpslhx&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1399544675.1635230806&ga_sid=1635230806&ga_hid=135499769&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
85919f212239c89da29326732909318c57e55ac385e9a6df9e1be00b75de66e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10416
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9C7C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:48 GMT
async_usersync
ib.adnxs.com/ Frame A386 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1a2def08-00d2-480a-8307-df9a38e0473f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 1506 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM_5LXJ2FNlA3MnbYFuUsB8&google_cver=1&google_push=AYg5qPL3MR8TTURJvMgyTZC2vcYWPy4vUPQiofIMNnoY54kUBayIGB6DkOSYfNXYxKaQUUeRPkws8F8jlysbKky4VphqEXWhoaUN
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1506
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE05YFd2tdevRZn3jJDUfgg&google_cver=1&google_push=AYg5qPJtEtj5PNJCqWuR7JIuyCNai8A3gVcTO9zVrraHdCxB85qpwrfkH4FwURDzBRZ2q5B95oP5jhbTyQe...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJtEtj5PNJCqWuR7JIuyCNai8A3gVcTO9zVrraHdCxB85qpwrfkH4FwURDzBRZ2q5B95oP5jhbTyQen3mTaC-ZOQQ-KCUFP&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJtEtj5PNJCqWuR7JIuyCNai8A3gVcTO9zVrraHdCxB85qpwrfkH4FwURDzBRZ2q5B95oP5jhbTyQen3mTaC-ZOQQ-KCUFP&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJtEtj5PNJCqWuR7JIuyCNai8A3gVcTO9zVrraHdCxB85qpwrfkH4FwURDzBRZ2q5B95oP5jhbTyQen3mTaC-ZOQQ-KCUFP&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1506
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEAXNy8YM_WZCwUy1wNWC5XY&google_cver=1&google_push=AYg5qPLYRAAfxbmdeP7MAeeuIJgagH1YxO_CO-hW4Sef9uEgo7aN9jbPsXgAaYL-gcQZFXO7M3pLCN7IgeXuDfENBLGCouti4ZlP
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 1506
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELJsxJGzPCZsQAT2_U6bzGQ&google_cver=1&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0Ka...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELJsxJGzPCZsQAT2_U6bzGQ&google_cver=1&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0Ka...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0KaEeRPa3I_fFI&google_hm=cf745295171a9a0440edb135
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0KaEeRPa3I_fFI&google_hm=cf745295171a9a0440edb135
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:48 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKLOTVle3wDe-u5myVSNcOvUYKlTfVwYSbnV4dICLkMXax9C5KoaC3kQgIadvvBotyxEUkc_YfOJGR4vp0KaEeRPa3I_fFI&google_hm=cf745295171a9a0440edb135
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 1506
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEM69U3a1AallweLTK-DWo1g&google_cver=1&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99X...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM69U3a1AallweLTK-DWo1g&google_cver=1&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtuds...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtuds...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtuds...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtuds...
0
0
pixel
cm.g.doubleclick.net/ Frame 1506
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPISQ8ZiDyhQTVn4Pn89VTRakr1UAYvoBSIMh-w1dAr6DPgP7N_wwUX70fYni3n4JtSb3LLLHK7zH23DYokG6qmWqZ35FS6X
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPISQ8ZiDyhQTVn4Pn89VTRakr1UAYvoBSIMh-w1dAr6DPgP7N_wwUX7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPISQ8ZiDyhQTVn4Pn89VTRakr1UAYvoBSIMh-w1dAr6DPgP7N_wwUX70fYni3n4JtSb3LLLHK7zH23DYokG6qmWqZ35FS6X
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPISQ8ZiDyhQTVn4Pn89VTRakr1UAYvoBSIMh-w1dAr6DPgP7N_wwUX70fYni3n4JtSb3LLLHK7zH23DYokG6qmWqZ35FS6X
date
Tue, 26 Oct 2021 06:46:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
rtb2-useast.e-volution.ai/ Frame 1506 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEPo6yGcdmiUzINuffssJ57M&google_cver=1&google_push=AYg5qPL7JPqn1q0WhmS4LalwRvjSxGUWNSynS9onn5fVHIUS6kr2ShBHNPgXpTgSg9iq7CXUfF-CdiN3qe97RyzP_1Hg-PFNe1buOg
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame 1506 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHO8u2mNi1_mZ60o5hpRLhJ53lxrtjhpMm1AHgdAWwEeEamRaVU2_QFVyrl-DW503XxVgtFw
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dr
as.ad4m.at/ad/ Frame 399D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f98a30d9736a4ff8493ea589ceb68ce8d4612d4f21ec4d21b2de2753393285
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac9efcb426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 8B28 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CAD2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44407
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 8B28 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 8B28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRxOopR3o7DEwZTGUPR5rMgcqXvQzodulp3wMrz02hAd4wxHTdB1TeZUXBPREU5QdNU1FyhUAi5prU-kPGI7zoX8Y6gA
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8B28 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B28 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:48 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FBAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqveLV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE3wFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1hmGgWFvJGAj81NGaOO4mrYhM4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=T2aTVqZA-jM&uach_m=[UACH]&cid=CAQSKQCNIrLMnx8ljmdfZAPFm_sac9irjI7VEbTU6hslBQNCzPpYrlxkXlmrGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame FBAD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k5zt2d9spv3yrqgbaf3t3c9cgcydabx99gzfbtsp6batb12q9hgy69zp9fr2vz52wbt5affb2ekgpd66v284hsgzs04m9vfdhgxnt5cv2t2t9zjhcn5j8nz34kckabnm7whwdcvyr5gxj6kazc4nyy6vmhzgyfbw9642vyrx90dmxd7gk3p1g7eb3y1a9b16ft168a64t5wdk2z2r2axrptq2akxnzqhprgeb8hjz6nqvf9gcm02tzq37pa9jyw18ah6xsvjgh7e77zq4yxnp1v9ha4fcm6pdh09trvm2vsv2q7z8hb8gkrvm44jahfrp9wg6a7fxz1wss9a618shqza7e28036ayfpdnfwz2x31rgphbx8sj2maayhb5wnk3ykh3xyhm&b=YXekVwANcTYK4AOJAAW5NlBbpfLPjoUbmWRwlg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E82F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07e888c40252af49d8bbfdeaba326cdd6d811cfa04fd465944da4c8da00519e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bac9ffe1426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame FBAD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BF5F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44407
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame FBAD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame FBAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQb4Kdwh-SeJK-1oxNkJwnnaHjMO2QuA0k_QZvfuxws8i-OO4owHCCpUcZis9uZ9VGcwKePWLoDGsE25cZMyFzfvcvJNg
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FBAD 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FBAD 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:48 GMT
adition.js
imagesrv.adition.com/js/ Frame 0C47 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: tracking.m6r.eu
URL: https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f693ff9c&adxPrice=YXekVwAGTfwKd7QDAAg7HlHSd4zBZ3J0v3sbLA&sync=adx&target=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad3.adfarm1.adition.com/ Frame 0C47 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad3.adfarm1.adition.com/js?wp_id=4662864&gdpr=&gdpr_consent=&kid=4646472&clickurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Crn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw&client=ca-pub-3282547114800347&adurl=https%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx-auction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3D
Requested by
Host: tracking.m6r.eu
URL: https://tracking.m6r.eu/impression/creative?format=script&creativeLinkId=c353a180-a1ea-487d-a047-52014a213b0b&id=adx-auction%3A6177a457000726d90a77fb844302d76b&mbrUserId=fa5c8f50b3abeba1f95937f3f693ff9c&adxPrice=YXekVwAGTfwKd7QDAAg7HlHSd4zBZ3J0v3sbLA&sync=adx&target=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.9 -, , ASN (),
Reverse DNS
Software
ADITIONSERVER v1.0 /
Resource Hash
f3f59269b56487c644969a6622e30336d2e9167da860552b4bef0f11085d1dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 08:46:49 +0200
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9940 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
96c453ce8111a7ecf20aef999147583521db637dca5e7e4cc3523e2d58385342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8495
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3C16 		0
0
container.html
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 38E2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
activeview
pagead2.googlesyndication.com/pcs/ Frame DDF9 		0
0
container.html
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 376A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
integrator.js
adservice.google.de/adsid/ Frame C14A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C14A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C14A 		349 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3528714001232785&correlator=3573123151994959&output=ldjh&impl=fif&eid=31063136%2C31062525%2C31063182&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230808&dt=1635230808689&dlt=1635230804657&idt=2682&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=upezao7vdz4y&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=939484896.1635230807&ga_sid=1635230807&ga_hid=1399399062&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b31c78186330f87cb0574768a97d262d1d6cff22b9965edd6ed66e545407d8a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
150
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A6FD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 1414 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
32413cd8d96bb10561920eb59359968bee8c2445085d818c4523ad92af73960e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4TBfRbXaUkDntv+2niMEoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:49 GMT
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-4TBfRbXaUkDntv+2niMEoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 0BE9 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
114cb40b-8c77-40c6-96ec-a53df0187bc6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7260 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
98dd141a6b8a71eca0ac179f7879d18b7fc6b6522598bc15eb4bec2d3ce0208a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8576
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 2951 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411082
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41baca78c8426c-AMS
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 2951 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69564
x-guploader-uploadid
ADPycduDVKAqrImukjhlYteElQMkMrYqokC1rGAPP0PymAQcPIf77FwZheoKbpTUE7JfdnrrSxlzL91UZkZh2eVQXHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:57 GMT
server
cloudflare
etag
W/"8117c73fc4e946a604517e9066dbb583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rgYS%2F5K9YbZu8U91HgLaa9GcoDrGIG5s1oM4uc9l7Asu2xTt0iTYw3%2FioECbFlqBH97PDpSjMqjAPVleoMfskPDwZLcf2wE7HS6dbqrAh3BrSfRvlW6j54%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729216993678
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11927
cf-ray
6a41baca78cb426c-AMS
expires
Mon, 25 Oct 2021 11:27:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3729 		0
0
container.html
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F77 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:46 GMT
expires
Wed, 26 Oct 2022 06:46:46 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B924 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 1470 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
a58d6fe6ff2d86a7d6defa65c7c5d4ef552366a7b4454bb73dbe4b9dfce5d707
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7J7wk9S21DXQ3jXJArseCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:49 GMT
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7J7wk9S21DXQ3jXJArseCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame A180
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEOEqbj8QP4YJk_ev17_L9h4&google_cver=1&google_push=AYg5qPJbS8DuwOKO_bpW3FWF0AiM4LT65VkhbH4teb0td5-5h-HvUsl6v2VflocxZa6xssRlRl9MNPSUVHVkiod9PDgIXAD8Ink
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17DE5C7B864B46579AE4222FB6BB3A3D&google_push=AYg5qPJbS8DuwOKO_bpW3FWF0AiM4LT65VkhbH4teb0td5-5h-HvUsl6v2VflocxZa6xssRlRl9MNPSUVHVkiod...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17DE5C7B864B46579AE4222FB6BB3A3D&google_push=AYg5qPJbS8DuwOKO_bpW3FWF0AiM4LT65VkhbH4teb0td5-5h-HvUsl6v2VflocxZa6xssRlRl9MNPSUVHVkiod9PDgIXAD8Ink
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:48 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17DE5C7B864B46579AE4222FB6BB3A3D&google_push=AYg5qPJbS8DuwOKO_bpW3FWF0AiM4LT65VkhbH4teb0td5-5h-HvUsl6v2VflocxZa6xssRlRl9MNPSUVHVkiod9PDgIXAD8Ink
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 25 Oct 2021 06:46:48 GMT
pixel
cm.g.doubleclick.net/ Frame A180
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELiZEGIdlx_7f-I-Vq1bOJ4&google_cver=1&google_push=AYg5qPKjGVabbeaVSBzxVFX2F-ztBGKkvqh6FNLqM42jxpSEjflwOVGuObERD0Ssv-dZLmpltkh-mcF7_HG2u4...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKjGVabbeaVSBzxVFX2F-ztBGKkvqh6FNLqM42jxpSEjflwOVGuObERD0Ssv-dZLmpltkh-mcF7_HG2u46CPb49Sh1eqE0&google_hm=hmF3pFht5znJGcFr3Q...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKjGVabbeaVSBzxVFX2F-ztBGKkvqh6FNLqM42jxpSEjflwOVGuObERD0Ssv-dZLmpltkh-mcF7_HG2u46CPb49Sh1eqE0&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPKjGVabbeaVSBzxVFX2F-ztBGKkvqh6FNLqM42jxpSEjflwOVGuObERD0Ssv-dZLmpltkh-mcF7_HG2u46CPb49Sh1eqE0&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame A180
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEN7FCimv0IDyJ2WZkCAmimw&google_cver=1&google_push=AYg5qPJTDmyrQWYtRbVoy7WuatL02OmJQJe9x-qePpLjj5UIi18DQPZC__k25...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-lyPULOr66H5WTfz9pP_nA&google_push=AYg5qPJTDmyrQWYtRbVoy7WuatL02OmJQJe9x-qePpLjj5UIi18DQPZC__k25laI6AapYwxUTQ0-GTuhJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-lyPULOr66H5WTfz9pP_nA&google_push=AYg5qPJTDmyrQWYtRbVoy7WuatL02OmJQJe9x-qePpLjj5UIi18DQPZC__k25laI6AapYwxUTQ0-GTuhJ98Eptv0nBAAnv08QQ
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-lyPULOr66H5WTfz9pP_nA&google_push=AYg5qPJTDmyrQWYtRbVoy7WuatL02OmJQJe9x-qePpLjj5UIi18DQPZC__k25laI6AapYwxUTQ0-GTuhJ98Eptv0nBAAnv08QQ
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
236
pixel
cm.g.doubleclick.net/ Frame A180
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPKcqMVrhYtW8useA9HOOAt2azgtJDuj8Jwin-4veH7krTHpY7JU49LkSmCk9fHFOjVFajm5TX-dH7USl-FbdzRh...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=da5b4089-2795-4384-b054-74e250c74418
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=da5b4089-2795-4384-b054-74e250c74418
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f76375ad-0db0-46df-8354-cb0aeb5713dd&user_group=1&ssp=google&bsw_param=da5b4089-2795-4384-b054-74e250c74418
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKcqMVrhYtW8useA9HOOAt2azgtJDuj8Jwin-4veH7krTHpY7JU49LkSmCk9fHFOjVFajm5TX-dH7USl-FbdzRhOLzM0FY&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKcqMVrhYtW8useA9HOOAt2azgtJDuj8Jwin-4veH7krTHpY7JU49LkSmCk9fHFOjVFajm5TX-dH7USl-FbdzRhOLzM0FY&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKcqMVrhYtW8useA9HOOAt2azgtJDuj8Jwin-4veH7krTHpY7JU49LkSmCk9fHFOjVFajm5TX-dH7USl-FbdzRhOLzM0FY&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Date
Tue, 26 Oct 2021 06:46:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame A180 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEO20rtuKvFbVWOk-lWWxFLI&google_cver=1&google_push=AYg5qPL_9MXX3c0LnozuzNasrhIDtIMi3W1qBP46VQLNc7owwRUnXcqRAw0URj7nNh8VAQioAELbavs3FqZYWF4bU4tnkEoW-Ik
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 06:46:48 GMT
pixel
cm.g.doubleclick.net/ Frame A180
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPLY_TsjGh_m2CVYE1JwkWNIdr0nO9lvEVYPe92xEd5Q9HRxncMNlYi7luBc1joYsQ1hwM4Sv2RVE7uRXTvYV34IACg5T7w
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLY_TsjGh_m2CVYE1JwkWNIdr0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLY_TsjGh_m2CVYE1JwkWNIdr0nO9lvEVYPe92xEd5Q9HRxncMNlYi7luBc1joYsQ1hwM4Sv2RVE7uRXTvYV34IACg5T7w&gdpr=&gdpr_consent=
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLY_TsjGh_m2CVYE1JwkWNIdr0nO9lvEVYPe92xEd5Q9HRxncMNlYi7luBc1joYsQ1hwM4Sv2RVE7uRXTvYV34IACg5T7w&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 26 Oct 2021 06:46:48 GMT
pub
cs.chocolateplatform.com/ Frame A180 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEPe_uP3BEH3eKSn9P3DFk38&google_cver=1&google_push=AYg5qPJnJjsc-sK3wgOh99mLVCLRv7_xDsqBd30Q4qbvbIRhHhamDy5aULcfhZc96Pa6SyZTOpcKq00BXmVqlp_F2Slu-dMngVI
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.101.174 -, , ASN (),
Reverse DNS
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
server
Chocolate Cookie Sync Powered by Vdopia
alt-svc
clear
content-type
application/javascript
attr
cm.g.doubleclick.net/pixel/ Frame A180 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I19lopbDymgLhbtsXxXgP91wAX9fN_RMoQkIYTi35RX_gkS3rbT76KKoS92Ugh1EAt4IGB
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame 4D1E 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c29ee513-dd09-4788-85af-03ec571cf4dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8901 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
457f31f7-47f4-45cc-90ac-fd7e64dcdf2f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 7260 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7260 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7260 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3761144809957779&correlator=4289289138585359&output=ldjh&impl=fif&eid=31063254%2C31062525&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230808&dt=1635230808751&dlt=1635230804650&idt=2724&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=53xw8gmgxbob&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=1837983081.1635230807&ga_sid=1635230807&ga_hid=351039452&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
5696759b7d3d53a36280590f6547b84b5fe2e5eb8a589033da5329007bcee14f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11742
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9940 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:48 GMT
async_usersync
ib.adnxs.com/ Frame 7534 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8a173ea6-4ad5-4f1c-a145-404c19aaf23f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CAE3 		0
0
container.html
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF5F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102101.js?31063263
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
frame.html
ad4m.at/ Frame 5691 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfM1GMnNwRoi97dm2LAbVr%2BxTYSgjSuCThoNYoXFzl9IwligCOsherzsLq5EnBR0oZKGvOvALorFu5tK8JLljrfA8JB9%2FErgnwSUeHEihX7XN6yD%2FGtHxeY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bacc8cc2426c-AMS
content-encoding
br
adview
securepubads.g.doubleclick.net/pagead/ Frame 9F5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CF-7MWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE3wFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbPyUBSjDu33PNgdXWM7DDXDM44AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=bTHXro8Uo8g&uach_m=[UACH]&cid=CAQSKQCNIrLMH9MukaykPQ0nCFMfkHg7xpEZXXqCCXauUdARLIrg0_oaxLA7GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 9F5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g3qtnpaca7qhjjcsnn95d3ewvj0ptsrg2ny2pzp4r085pkpdervs6fshcw8qrn1qjxrgswgqn39d7z1801crjfaxng23hfmf5p0jgjgd2091xbwz2v4t4pjnzjmx5j9r11zt1z9863nq34f8tzdjxc38etktt7ay77qkf2jxhaxdtce5yjgs8df5w0h44v5495mggjnk6xc2a0rzvcwfch797s6a1v6km541sm25hsm604xn2rredzk91m29gegrkntxbp7n01js5v0dkxc86cwswymwhfqdd9fgg657rvs0raggmsj69k3krmhan0frxjpwspkjyfsjx1dy0y5y3k5xaet4vrn99h4qb3vaedzfwjp11jzbwamxeyzvh3qck2b0vdrf4&b=YXekWAAA6xgIu-KuAAlhpWulxGqMoHbhujwabg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 023B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013bb1de95202e40e489f72c7a9c5e3b15e20f7163487f078a675482502a39fb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bacc8cc7426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 9F5F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 050B 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44408
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 9F5F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 9F5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXSgrhCe9zzvxFbg4LwD4S1QWGx6XGnnWpS8LxbaLeTWbzamSZ8ugxylqU18xnDwEGvHbHzQy6WCFPD65XLDZI1a3zdw
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9F5F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F5F 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:48 GMT
async_usersync
ib.adnxs.com/ Frame C53E 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
be4ea855-9a15-4292-9f03-cbd40d3bb245
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E07A 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0abb7c26-42d6-48aa-b36b-62b7bce37c3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8043 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 54BC 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
d6c5ee6bcce826db9a49505228faa7c52d58457ad42ac0970bdf95967f8779a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0aDb3TxMnLez9ZUOySUHnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:49 GMT
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-0aDb3TxMnLez9ZUOySUHnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
i.match
s.tribalfusion.com/z/ Frame D1E6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEHhwrQIjPANHdjqc_iPd7V4&google_cver=1&google_push=AYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhwrQIjPANHdjqc_iPd7V4&google_cver=1&google_push=AYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1...
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhwrQIjPANHdjqc_iPd7V4&google_cver=1&google_push=AYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.5 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a41bacdedcd7166-DUS
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
289
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a41baccabdd7166-DUS
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHhwrQIjPANHdjqc_iPd7V4&google_cver=1&google_push=AYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIgwuX8rAZlPhxXwzPnYPnqPeJPMLwN1pYUZbTdchcP70SSNEj3Gl_DERikgYOpxf4I5fpCd4NI862-ppmaMguOsz_1TJ1Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D1E6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPJB4ZHC9RCJixgh3avrWF4eA2306U...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPJB4ZHC9RCJixgh3avrWF4eA2306UpVN6Kn6QBqKLOFf06Q903Z1ccUj9skQ8RijzaETvhvAoLhgbJh9058jvQpcQXwaLM
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635230809.816883,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPJB4ZHC9RCJixgh3avrWF4eA2306UpVN6Kn6QBqKLOFf06Q903Z1ccUj9skQ8RijzaETvhvAoLhgbJh9058jvQpcQXwaLM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame D1E6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM_5LXJ2FNlA3MnbYFuUsB8&google_cver=1&google_push=AYg5qPLXoFgw90KsxvLbAoizatLJST5-uWslyeZNUNl6ixueHWJ9kWjPBRaB3hnjd_n0u2drvo3CN7OMqyBNw1dIr3Nl0OLkfYGX
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D1E6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKavu1dMPP75KTLzv0fqTXDNRYKDhqtYPZMdobLF_YoUpyWCYNRGHNGjbHtXqHi4Yaw1hOCtCtn...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKavu1dMPP75KTLzv0fqTXDNRYKDhqtYPZMdobLF_YoUpyWCYNRGHNGjbHtXqHi4Yaw1hOCtC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKavu1dMPP75KTLzv0fqTXDNRYKDhqtYPZMdobLF_YoUpyWCYNRGHNGjbHtXqHi4Yaw1hOCtCtneXd6t13LnZthI7Be5l6P
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKavu1dMPP75KTLzv0fqTXDNRYKDhqtYPZMdobLF_YoUpyWCYNRGHNGjbHtXqHi4Yaw1hOCtCtneXd6t13LnZthI7Be5l6P
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
dsp.adkernel.com/ Frame D1E6 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ-xlhheDIu_o0agAehZ1jw&google_cver=1&google_push=AYg5qPK61N8OEl38YDI2mxS5ubiCp-4zHhGTGWoeEvRvznfXGt7HrfNKIHhp_1TUcKVIIuG8hBYfpSeDrseINo0xmTcJ78G0p-3U
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame D1E6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.targeting.unrulymedia.com/csync/RX-c0716310-07e7-411b-9fed-5b30fdf41a48-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPL3JJZiVOP55gCpT2g0m...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL3JJZiVOP55gCpT2g0mfax24NkgzT1OLzrQLX48Kfk_ghtbKO-BmBOTafh2g27hA_s7d46UcdMW4LRn_rLjiWsRdx5tPXk&google_hm=A8BxYxAH50Ebn-1bMP30Gkg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL3JJZiVOP55gCpT2g0mfax24NkgzT1OLzrQLX48Kfk_ghtbKO-BmBOTafh2g27hA_s7d46UcdMW4LRn_rLjiWsRdx5tPXk&google_hm=A8BxYxAH50Ebn-1bMP30Gkg
Requested by
Host: sorrelma.com
URL: https://sorrelma.com/geometric-tattoos/?utm_source=twitter&utm_medium=Social&utm_campaign=remarketing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPL3JJZiVOP55gCpT2g0mfax24NkgzT1OLzrQLX48Kfk_ghtbKO-BmBOTafh2g27hA_s7d46UcdMW4LRn_rLjiWsRdx5tPXk&google_hm=A8BxYxAH50Ebn-1bMP30Gkg
date
Tue, 26 Oct 2021 06:46:49 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc071631007e7411b9fed5b30fdf41a48003
content-type
text/html
/
cc.adingo.jp/adx/push/ Frame D1E6 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEEHKDzN5iMpIJZz-wgt0oEw&google_cver=1&google_push=AYg5qPJNmO799h6C_5SDW9mpDZpmPyRnQYVO4g1z9V9scmXsS61NR5wdbiSiBbYWRWlPwEpXGtbOudjIB3ZuJv3vxhLneF59Nt8
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.44.14 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame D1E6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtLqAJ3ZyoLzS2DmAFFt6URhO32dGyl4OmnvYUjoLNKLUBjOSh7NLZgWWDjCqtOEaTDHG2
Requested by
Host: 0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
URL: https://0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 08A8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 9B14 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
38b94d14be6ce5e0f3675657743e0b888d6e87d8d51db91863e0ab89adecc2ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JL4p75kxSEBgCDKeLOYgzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:49 GMT
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-JL4p75kxSEBgCDKeLOYgzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 1021 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:48 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
32e82c74-d393-4f6e-a9a0-2dd583bcbe73
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1190 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6e841be7-4ff2-45ff-9fc6-a303e42401d3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame FC48 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8f634e9f-c4ea-4031-9841-dddc8bedbc44
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame ACD6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame ACD6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=sorrelma.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ACD6 		349 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3264558835570243&correlator=114691986605552&output=ldjh&impl=fif&eid=31063082%2C31063213%2C31063262%2C31062525&vrg=2021102001&ptt=17&sc=1&sfv=1-0-38&ecs=20211026&iu_parts=421469808%2Csorrelma.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=1&eri=1&cust_params=GS%3DYes%26OS%3DOther%26FC%3D1&cdm=sorrelma.com&bc=31&abxe=1&lmt=1635230809&dt=1635230809067&dlt=1635230804787&idt=2802&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=2026580777&ucis=ntyaq8yaj148&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fsorrelma.com%2Fgeometric-tattoos%2F%3Futm_source%3Dtwitter%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&ref=https%3A%2F%2Fsorrelma.com%2Fnewbottom.php%3Futm_source%3Dfacebook%26utm_medium%3DSocial%26utm_campaign%3Dremarketing&top=https%3A%2F%2Ftvking.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x0&ga_vid=897778963.1635230808&ga_sid=1635230808&ga_hid=1029041341&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102001.js?31063262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e8d822877a770864a7f9f69cfb35354a7f22756dbfa278d00eaced41e2a42f8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
150
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://sorrelma.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7260 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D75A 		0
0
container.html
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 52EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 26 Oct 2021 06:46:47 GMT
expires
Wed, 26 Oct 2022 06:46:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 93CE 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
de7bea5d-bc44-42e1-b136-703b4c6436ae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rs
ad4m.at/ Frame AAA9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
854793ab5c74be01974d157673e73e7d0034bec09c10afa14ca28fc8770b528a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bacdccdb39bd-CDG
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Je5GiQnZWUwoVslWzurgZfn7VPVBb6VJyTTP9Zr6hrK%2FqvfHC8tbi3xPkyde%2BTGvg2nAQatpCiDkQMkW%2BvG7GX1SMHXU89I8uoLwWup1a%2FNXUtSMJ5estmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0qrlXUnHaTEIfQMyhw0pjqeMfQnS1PPeW%2Foet9KDKZevtz9yDkNrsWIr0yL4f1NGyhsQQZ7NnF%2Bcb9hv5yZMvRqAPa%2Bm3LB7DPkhyLxKcvEIdaMefOIz7k%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bacd9c9239bd-CDG
banner
ad3.adfarm1.adition.com/ Frame 0C47 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad3.adfarm1.adition.com/banner?sid=4662864&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html%3Fn%3D3&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/93.0.4577.63%20Safari/537.36&os=17&browser=11&userid=7023262841771980939&kid=4646472&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3D
Requested by
Host: ad3.adfarm1.adition.com
URL: https://ad3.adfarm1.adition.com/js?wp_id=4662864&gdpr=&gdpr_consent=&kid=4646472&clickurl=https://adclick.g.doubleclick.net/aclk?sa=L&ai=Crn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr-bm1gPIAQmpAsWfM4y3d7M-4AIAqAMBqgTjAU_QjbNpQBk2EWkSo3zYrJser4_BmNrPdFNQHq6OLcPG7vLThXy9sYH_saRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go_SWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4_mpJSlQbMkrtwMlwC9M0rRmwpwfyU_4y4KvAOeuskD15CGgqAqS6-1wxzcTQCDVnPZr24iuRpqq2eFuB-9D_TZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_0qM13_ohgG7nPv8ZrcK9ABhUDYPw&client=ca-pub-3282547114800347&adurl=https%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx-auction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.9 -, , ASN (),
Reverse DNS
Software
ADITIONSERVER v1.0 /
Resource Hash
561f57ea6eeb1d79b67d70a401e7d1f580d2234b1579bd3311572b8e0d8f8c20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 08:46:49 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
expires
Sat, 01 Jan 2000 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 399D 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411083
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bacd8f14426c-AMS
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 399D 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69565
x-guploader-uploadid
ADPycduDVKAqrImukjhlYteElQMkMrYqokC1rGAPP0PymAQcPIf77FwZheoKbpTUE7JfdnrrSxlzL91UZkZh2eVQXHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:57 GMT
server
cloudflare
etag
W/"8117c73fc4e946a604517e9066dbb583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1S%2BI3ME8WO7CBDeItFXIgt3kX4eQNxo70%2FNRUGiUU3gQYi1uMSbUqoox%2Fk19KVKKJINdfBXRt%2BLokDxcCGTSeNYPpCzME6HjeipiDVevIbQnrxdrQMzRoM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729216993678
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11927
cf-ray
6a41bacd8f18426c-AMS
expires
Mon, 25 Oct 2021 11:27:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 78A8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 8A31 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
ef3880e69c8145d9365f3c981b9a3c8a59e7d0ab3b6dec6a0b304b0d49cca5d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SqT41g+z5Y6Iy8qky6ydig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:49 GMT
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-SqT41g+z5Y6Iy8qky6ydig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
frame.html
ad4m.at/ Frame AFF6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLvpoCbwMNrPX37rTmzVPIja7bR8FNPKuUzBWIyLmlrPsKqSH1hgXtVWoDd0TMgSGMwtelqLx0tJVVykz8ABWP%2FbM7QX4ECsve%2F4L5lmK%2B%2BWpKxkZEXYnwI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bacd9f38426c-AMS
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame E82F 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411083
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bacdaf3c426c-AMS
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame E82F 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69565
x-guploader-uploadid
ADPycduDVKAqrImukjhlYteElQMkMrYqokC1rGAPP0PymAQcPIf77FwZheoKbpTUE7JfdnrrSxlzL91UZkZh2eVQXHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:57 GMT
server
cloudflare
etag
W/"8117c73fc4e946a604517e9066dbb583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUII6ZFB9a7%2Bulx%2FfZ8LyOb6up6z9vqJWnNSMItb27WaxozWVP5XzrgcR6L%2BLgJw9VFYUGuUwFIRApL4hqFkHJP8MK%2BW35xPaYZ07UuCcz5572h8ZbXf9cY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729216993678
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11927
cf-ray
6a41bacdaf3d426c-AMS
expires
Mon, 25 Oct 2021 11:27:24 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 38E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuR8AWKR3YYWKC9LhgAec36eIDZaB_fBln5CPiuMMwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDfIAQngAgCoAwGqBOEBT9DXZvIuVvJybDsYT7k8WkUQ75a30hvJeq2LlpK02onJpubGNrLpT8bfHc8XB97utI5ZdRzywJZNo26-Bq32ECPDkXcMl58E6FonCqXtdqtl7CChRRJYNWTlFZWFAVE2AkbNff_0v8txz5zFjT0YkWBnFUd64r6wRbr5x4KJKFk7iuGPfHy7WUE3xGmvanVKX-m69Ivp1L6HgjLlX-TVMsAeqSean6IO6incwrA44dqsRlTbbmO5lGA4zQWXwCCqv5nbCwp7yTKgAND9jmTQ3gR3qwdvaShyAWuxWj1GaN0U4AQBgAbS67HYytK91QWgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=ybNHFxqx8nw&uach_m=[UACH]&cid=CAQSKQCNIrLMeruUA-ZA1ColdreDhl2BfJQo5SutciXmE9PeVuhiNO9hyDS3GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rtpixel
g.rtbrain.app/ Frame 38E2
Redirect Chain
  • https://g.rtbrain.app/rtimp?sid=7e0eb148-3628-11ec-9a5d-4aafd4d64344&d=sorrelma.com&cr=dts_gen2__23&gid=CAESEOrRm-oHGPl89DFpZVLHP6c&a=imp&p=YXekWAACxQUK4DDSAAnvnOTMk66QqosQHNQOZQ&im=1Bzxg-6qmX2rMVH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rtbrain_app&google_cm=&google_tc=&id=7ea70178-3628-11ec-83b4-0e58779fcebf&source=RTBRAIN&google_hm=fqcBeDYoEeyDtA5Yd5_Ovw==
  • https://g.rtbrain.app/rtpixel?id=7ea70178-3628-11ec-83b4-0e58779fcebf&source=RTBRAIN&google_gid=CAESEOrRm-oHGPl89DFpZVLHP6c&google_cver=1
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.rtbrain.app/rtpixel?id=7ea70178-3628-11ec-83b4-0e58779fcebf&source=RTBRAIN&google_gid=CAESEOrRm-oHGPl89DFpZVLHP6c&google_cver=1
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://g.rtbrain.app/rtpixel?id=7ea70178-3628-11ec-83b4-0e58779fcebf&source=RTBRAIN&google_gid=CAESEOrRm-oHGPl89DFpZVLHP6c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 38E2 		4 KB
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 05:01:33 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:49 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:49 GMT
css
fonts.googleapis.com/ Frame 38E2 		1 KB
422 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Secular+One&display=swap
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f10.1e100.net
Software
ESF /
Resource Hash
f007e99aae3723e918b449d1042ce4c387b13eaa71187e12ae222f19711e8c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 06:11:34 GMT
server
ESF
date
Tue, 26 Oct 2021 06:46:49 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 26 Oct 2021 06:46:49 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 38E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 38E2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 38E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnrzkyAkfnH1kyIGqvQJBTKhQ980yzm-ATeX_mytlcUZU2-xPGQaKNrUf80-RRsD5oTmDwMSzempFcevX_XWjYgu3bhA
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 38E2 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38E2 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 376A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrbujWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTfAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctxWfuv3l3mEp6At6ZiExcHZXu7gBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zMjgyNTQ3MTE0ODAwMzQ3GJD9Eg&sigh=vubgqkkJi4Y&uach_m=[UACH]&cid=CAQSKQCNIrLM3Lyr2MDZKLkdbDIgEtQ4NaIq0KVExLrTDeGMRgtu4cQu3BNAGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 376A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hm88brryrx299pjfkpeaga6wj5gyxf7hav2jkzvw97pfdyhc9f8q0t22c02206eznhhbvw1yrdprsntz0h5jsxs9pvfe5pnde7621kwre473y6n4vsxfqp9q0f3b8jcn45vh2x75hswte7kds4d9fwjs6cgadxn4kd9s8tv3mmesemyav0b4chw7ww7maqwnmt8j3bq7y3mg17vwh5hrvsw9ed81449zrpgjgpzmre1q9kzb2n6m08mc8b745g91g3wneh4m2psvh4sek90d5pm1zaxbdsyazteh0w172ydqtmeasaf1wyvap2n1v133btetxaykbzm4xqcv1pzndw3grw557bfp7vkz9vx87av6bzygmf4pzgww4w2g481n6x7c51r8g&b=YXekWAAFhAsK5UKhAAtxXPg7ciujyi_Z35-lNA
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame C5C2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a178160505b69f923fe8a09656c6db6d39dba7edb005183426f4f0d273fd3dcb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bacdaf58426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 376A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 57D4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44408
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 376A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 376A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 376A 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4F77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTqTNWKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBN8BT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelHHKmenosN7NVJkM9l3PrHGycuAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyODI1NDcxMTQ4MDAzNDcYkP0S&sigh=C99NgNUqYMY&uach_m=[UACH]&cid=CAQSKQCNIrLMrBECPm2RD2-U3Jta7kVzKpddKF47f7XcdaWEmHWaTW8ss_2mGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 4F77 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g1vjw27qbd5vycks19gc4cs6fe3n0n7q6j03852rdgqg1e2dyyrr5rhc7kfa06420ndyz9m4g7hhw44nq1mv7z0y328tj09zrkq3swsp16mwds2m3cy1mkjhzt4ep1pp5ye9cyasn8mjawxkd5sjsapakfgzrjw5bz1zywracr492etxxgtv56rv06spg3wn0945y4yw8brne8shqr0qjxspkn7gkwt428edvab8vpmna65ex2kvyg6wzxv5jsza9306k036sgc8cnwqr04r2gcbr0ffz4m6740nxszbwyh8tnb3afeg8kf2rspa511rfh6ewpraag02t4r5tj3yxc0bztx3nmx61tp791a6h5pvadd8ftyrjva3c5w5f8nge8x8jgc24&b=YXekWAAGSAsIu8iMAAHuhqgSvq7tYblneIkRpw
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 8B01 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd09ce2ba5ef76b5bc65cc58011e001a25a8c591d68722f04a35d0740e344c18
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bacdbf70426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 4F77 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D015 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44408
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 4F77 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 4F77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnzgKbzei1zShDdthPbuK40SJBd8fk2O6KIlksbc7dzJTSP6WL88T1PA5w0EnpPvD0kGLGU6TaZWXmTWIKuB97FtCQAA
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4F77 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4F77 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EF5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr5rkWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBN8BT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4pQoVbBzFW1doPaUlKj2dX0dVOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyODI1NDcxMTQ4MDAzNDcYkP0S&sigh=J6h9gNZz46s&uach_m=[UACH]&cid=CAQSKQCNIrLMdpEf-B7OhBOQLvbKu5LaTdZCCoSxGSK7m8XCax4k6gTyTVd8GAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame EF5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kh22x4q6qe9ngyfephs2xdhjspytxgh5fez0fpyasr2qntqjxvxn7vnb78scfzhddtbz3ze7ds9mxkgr8z1w9ahe29j4f6yabdr8qaqsc624ch759n40m4wxpn9b67dyzep7nrvpzagk60ph94bm3bq8rq9ckzsezfzr1q7ame5r9yj70d3yrj5hf9zfjf8hzzdda6krzwfs6eg3xedasa0h341n22gggqzb36bfjj686g1awvzm2v5h7kpntt3gsj18hf6vkec9ensvwt955hr069yr7zzqnm719v6fw5b84z8d9zzhqpw1mahcczjv4b3s3r0en6a2vh7qz51zkx5gnm5n1xg8wyerr649ax04ckf858k9kdzagzz2y09fx3367z75m&b=YXekWAAHcmEH_YtYAAZAqjEmIJK4aZk-Mhce6Q
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 51BA 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce7dfb9eca1da041bd460b0e3ae94c40c5ba93799cc48b445520de36a3b909f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bacdcf8d426c-AMS
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame EF5F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2159 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44408
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame EF5F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame EF5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZ5_m3DRzNlG2Mr__ZFVz3nFlPoVulqsfFHsLR1hZE5CCaNvlqy8uG9JzBCUgEYBY9Jo-93zdGjVFtkOci2cKh2r4Z1w
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EF5F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF5F 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:49 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 023B 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411083
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bacddfb2426c-AMS
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 023B 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69565
x-guploader-uploadid
ADPycduDVKAqrImukjhlYteElQMkMrYqokC1rGAPP0PymAQcPIf77FwZheoKbpTUE7JfdnrrSxlzL91UZkZh2eVQXHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:57 GMT
server
cloudflare
etag
W/"8117c73fc4e946a604517e9066dbb583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BIw3SqQKuh5RL%2BJEzCAnNLyPhc%2BTmMS3NNWWNSm0t3SmcBxmNhCslR6KzkYgPvLVuWwFrG%2BVMLjmpI9STAZJIiaa4FUSR15pfm2%2BAMKsEBeVUbu2O5PQSs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729216993678
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11927
cf-ray
6a41bacddfb3426c-AMS
expires
Mon, 25 Oct 2021 11:27:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EA6C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 1B43 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
3d1e0bae8a65dbd5daf2f64150f304213c2a541c69480e83fb0a2e2a1a40985d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5cLnKW3y2JzMUq0PHZ1ncg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:49 GMT
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5cLnKW3y2JzMUq0PHZ1ncg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame CAD2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPI_cK7fIE4XkpQ4CVn19RirjhCozw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPI_cK7fIE4XkpQ4CVn19RirjhCozwXC-JA0tgGpq-v6Mv1MxyULwJQ-6FJOITb2mCv_R9y-wRnE_aZfwnTfEn790Bx7jCM
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635230809.262320,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPI_cK7fIE4XkpQ4CVn19RirjhCozwXC-JA0tgGpq-v6Mv1MxyULwJQ-6FJOITb2mCv_R9y-wRnE_aZfwnTfEn790Bx7jCM
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame CAD2
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE05YFd2tdevRZn3jJDUfgg&google_cver=1&google_push=AYg5qPLmim7N9uz3ufkGYNg-GHe5H6WCFNy_2INTlePF5EMTSqF0YM8iaEmxGAERp1Gm4fRORlfOfvtJWQU...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLmim7N9uz3ufkGYNg-GHe5H6WCFNy_2INTlePF5EMTSqF0YM8iaEmxGAERp1Gm4fRORlfOfvtJWQUJ9zeMapQWLdtUXBU&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLmim7N9uz3ufkGYNg-GHe5H6WCFNy_2INTlePF5EMTSqF0YM8iaEmxGAERp1Gm4fRORlfOfvtJWQUJ9zeMapQWLdtUXBU&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLmim7N9uz3ufkGYNg-GHe5H6WCFNy_2INTlePF5EMTSqF0YM8iaEmxGAERp1Gm4fRORlfOfvtJWQUJ9zeMapQWLdtUXBU&google_hm=iRAq0OmjQM2sS1xqMxO7zC4
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CAD2
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELiZEGIdlx_7f-I-Vq1bOJ4&google_cver=1&google_push=AYg5qPI_7J1u79YLvcITlImGWebefllsTxYQ0wAGRO8vKBhxYnuCY_ISCJR4hhQBKxEgbCCCdiJYlkfdPW5OmF...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI_7J1u79YLvcITlImGWebefllsTxYQ0wAGRO8vKBhxYnuCY_ISCJR4hhQBKxEgbCCCdiJYlkfdPW5OmFPH9GirXFYUxQ&google_hm=hmF3pFht5znJGcFr3Q&...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI_7J1u79YLvcITlImGWebefllsTxYQ0wAGRO8vKBhxYnuCY_ISCJR4hhQBKxEgbCCCdiJYlkfdPW5OmFPH9GirXFYUxQ&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AYg5qPI_7J1u79YLvcITlImGWebefllsTxYQ0wAGRO8vKBhxYnuCY_ISCJR4hhQBKxEgbCCCdiJYlkfdPW5OmFPH9GirXFYUxQ&google_hm=hmF3pFht5znJGcFr3Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D6177A4586DE739C919C16BDDBLIS
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame CAD2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEMrX5n7ZyXDEVy7z6rZYg&google_cver=1&google_push=AYg5qPL-spx6LVyJ9iJPQdvnAC6yp78hUsW_WziAhKYLjM1HNi9j4_RarUxdrCTL605Dkmt8VV2dNds2lcDVLJmAL3yTDBHBSA
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-spx6LVyJ9iJPQdvnAC6yp78hUsW_WziAhKYLjM1HNi9j4_RarUxdrCTL605Dkmt8VV2dNds2lcDVLJmAL3yTDBHBSA&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-spx6LVyJ9iJPQdvnAC6yp78hUsW_WziAhKYLjM1HNi9j4_RarUxdrCTL605Dkmt8VV2dNds2lcDVLJmAL3yTDBHBSA&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-spx6LVyJ9iJPQdvnAC6yp78hUsW_WziAhKYLjM1HNi9j4_RarUxdrCTL605Dkmt8VV2dNds2lcDVLJmAL3yTDBHBSA&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame CAD2
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPK0EOO169jCYfKOg1PlY94EBm5i_FiCFHxnq2wXgCiMwLHyE4eEyIP8KO1JPdPo2SmWqJFMB4zICndpRVEEOqRJJ05...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK0EOO169jCYfKOg1PlY94EBm5i_FiCFHxnq2wXgCiMwLHyE4eEyIP8KO1JPdPo2SmWqJFMB4zICndpRVEEOqRJJ0515k8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK0EOO169jCYfKOg1PlY94EBm5i_FiCFHxnq2wXgCiMwLHyE4eEyIP8KO1JPdPo2SmWqJFMB4zICndpRVEEOqRJJ0515k8
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK0EOO169jCYfKOg1PlY94EBm5i_FiCFHxnq2wXgCiMwLHyE4eEyIP8KO1JPdPo2SmWqJFMB4zICndpRVEEOqRJJ0515k8
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame CAD2
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKE0YotPDqoy_b5nplnnndA&google_cver=1&google_push=AYg5qPLp3rUXdZGLW5tvxLm301f4CMyGqCmzaL0uQFp4fEDfYFVc3GheXmMT3a22R9cxIRFkAiaV_l1c8bYdbu6d...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLp3rUXdZGLW5tvxLm301f4CMyGqCmzaL0uQFp4fEDfYFVc3GheXmMT3a22R9cxIRFkAiaV_l1c8bYdbu6duXFeCpzCuhY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLp3rUXdZGLW5tvxLm301f4CMyGqCmzaL0uQFp4fEDfYFVc3GheXmMT3a22R9cxIRFkAiaV_l1c8bYdbu6duXFeCpzCuhY
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLp3rUXdZGLW5tvxLm301f4CMyGqCmzaL0uQFp4fEDfYFVc3GheXmMT3a22R9cxIRFkAiaV_l1c8bYdbu6duXFeCpzCuhY
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
JIWpJxjlJszUHonBRfmOSsYG9s8EXX1py6GWg6A4NlUxKQsVpyKP0Q==
/
cc.adingo.jp/adx/push/ Frame CAD2 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEEHKDzN5iMpIJZz-wgt0oEw&google_cver=1&google_push=AYg5qPJ35fFNNmfyrecQV5nr1pBkuC2h1oDSyN4A6IkvqgvMhZVglPFOIqAuj4Lx5C2K-3dfz1xIjTTweOuTKt_EENstvppkpe8
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.199.44.14 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame CAD2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPcxHx3qCGbimJEL8APsIpY2WfsIt_qKchvEU3e1fEWdw_X2iG1RsmG2GD64me1NL0YVOj
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame BF5F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENLTrHPyvsc_wKFmhT4t9R4&google_cver=1&google_push=AYg5qPJ9l6nz-vDTX0z0HQqeN87nHk6EM-rzaKuoez9E3hX-bnlFvzCKqbfI5QQjF9GXXNSY_iI6G89JZx25mRToSJb8x2fs_6ok
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame BF5F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPIY9rjyGPquxJcabQkwJhXOtHNjqH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPIY9rjyGPquxJcabQkwJhXOtHNjqHNkDIKnCIXuVnf3gHdyByN1L6WyVA8NZsBH6UZZvv0TXev400WDnw5f4cJoxSMiRnJo
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635230809.275486,VS0,VE0
x-served-by
cache-hhn4069-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WVhla1dBQUFBSnRGTUFBNg==&google_gid=CAESEFD0t8pLqxfv71i8Cq2dyxg&google_cver=1&google_push=AYg5qPIY9rjyGPquxJcabQkwJhXOtHNjqHNkDIKnCIXuVnf3gHdyByN1L6WyVA8NZsBH6UZZvv0TXev400WDnw5f4cJoxSMiRnJo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
dot.gif
s0.2mdn.net/ Frame BF5F 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEO20rtuKvFbVWOk-lWWxFLI&google_cver=1&google_push=AYg5qPJqBnmgze9HrmASXdbV07Pqe1LC2oycRfLejlTl4eTFuP6vC3XeCqQv6HJjp3Y7T1nucHwMYx_YHxf7IMswtrRero7bPNBl
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 06:46:49 GMT
pixel
cm.g.doubleclick.net/ Frame BF5F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_cver=1&google_push=AYg5qPKfpaoqB1US9tk5OvGPVWErTob9TnIpNdKWye556oXVUDZBxrTLMN7v_QdWEu3hyI-JuWi1WhyKUCP-e...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKfpaoqB1US9tk5OvGPVWErTob9TnIpNdKWye556oXVUDZBxrTLMN7v_QdWEu3hyI-JuWi1WhyKUCP-eDfKhIwklVX_5T0&google_hm=b0hxYUFRdlFJbDBmdW9pR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKfpaoqB1US9tk5OvGPVWErTob9TnIpNdKWye556oXVUDZBxrTLMN7v_QdWEu3hyI-JuWi1WhyKUCP-eDfKhIwklVX_5T0&google_hm=b0hxYUFRdlFJbDBmdW9pRGtiZFU=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKfpaoqB1US9tk5OvGPVWErTob9TnIpNdKWye556oXVUDZBxrTLMN7v_QdWEu3hyI-JuWi1WhyKUCP-eDfKhIwklVX_5T0&google_hm=b0hxYUFRdlFJbDBmdW9pRGtiZFU=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BF5F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKgHrq6R5LT4cUsThnDE4gE&google_cver=1&google_push=AYg5qPJMeIYvYDEzmSv565ZbdXYpAHWF0fwsmCsIpACKvjr17hpArTH8GzrXn5V0PE_44rJoZXK98StQ7moyr_L...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPJMeIYvYDEzmSv565ZbdXYpAHWF0fwsmCsIpACKvjr17hpArTH8GzrXn5V0PE_44rJoZXK98StQ7moyr_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPJMeIYvYDEzmSv565ZbdXYpAHWF0fwsmCsIpACKvjr17hpArTH8GzrXn5V0PE_44rJoZXK98StQ7moyr_Ld00QIJpLYSyUR
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPJMeIYvYDEzmSv565ZbdXYpAHWF0fwsmCsIpACKvjr17hpArTH8GzrXn5V0PE_44rJoZXK98StQ7moyr_Ld00QIJpLYSyUR
Date
Tue, 26 Oct 2021 06:46:49 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
sync
dsp.adkernel.com/ Frame BF5F 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEJ-xlhheDIu_o0agAehZ1jw&google_cver=1&google_push=AYg5qPLXUWq-2Jb5i3zv6-4WWXxaurtw_TSyi1F2FPVZ6wFy2MH7ZhUZlyoz6Y7qo46wuQTEMRbCkdkhvE-URa3GHvfxgyBBzyl8
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame BF5F
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPJLBTPo9_on8g6Tx8J7n7jxTieoFBdtWOIUrAT85oO6LLKBSGMXdYHBZXLPXtnPhV9aK3MZGXYPSWf3LgYiq1ozRP6iytME
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPJLBTPo9_on8g6Tx8J7n7jxTieoFBdtWOIUrAT85oO6LLKBSGMXdYHB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPJLBTPo9_on8g6Tx8J7n7jxTieoFBdtWOIUrAT85oO6LLKBSGMXdYHBZXLPXtnPhV9aK3MZGXYPSWf3LgYiq1ozRP6iytME
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPJLBTPo9_on8g6Tx8J7n7jxTieoFBdtWOIUrAT85oO6LLKBSGMXdYHBZXLPXtnPhV9aK3MZGXYPSWf3LgYiq1ozRP6iytME
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame BF5F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ld6f1H9mg41gNvTCwN7VLWIAI1BPvG_f1Lt1jSvu7vPsyQtCgpqykFLFnLEIlolgrZoHw6
Requested by
Host: 155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
URL: https://155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
imagesrv.adition.com/banners/250/00/db/47/eb/ Frame CB2C 		2 KB
589 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1acda098d79709e6bc9164960a05ebf952f315e469c090ead0511d4a34e068a

Request headers

:method
GET
:authority
imagesrv.adition.com
:scheme
https
:path
/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/

Response headers

content-type
text/html
accept-ranges
bytes
etag
"155632299-br"
last-modified
Thu, 26 Aug 2021 12:58:20 GMT
content-length
504
access-control-allow-origin
*
vary
Accept-Encoding
content-encoding
br
date
Tue, 26 Oct 2021 06:46:49 GMT
adxSyncDone
tracking.m6r.eu/sync/ Frame 0C47
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=-lyPULOr66H5WTfz9pP_nA&
  • https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
44 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
Requested by
Host: bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
URL: https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.251.244.140 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
no-cache
Server
nginx
Connection
close
Content-Type
image/gif
Content-Length
44
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_ula=158217889,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
282
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2546505396439370&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1470 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=3355200543626438&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8B28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyV5hV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE3wFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GFmEFOtP_G1dBAQPwOiyiep7wE4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODiACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzI4MjU0NzExNDgwMDM0NxiQ_RI&sigh=856X8J3uEwY&uach_m=[UACH]&cid=CAQSKQCNIrLMDPC571Reh2u6Y6Bn0BNMD3j8Uk672usAE_9GC19WqiqGSsx_GAE&cbvp=2&vis=1
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 8B28 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gd96fdprkpztk8w29byfr6f8hcbjva677f24a9he4e94bqt38xqn0r35589tyra8kzg6yk59hfzc10sxhedr5xc4fwg6fpqddk5r1z2zh4xfyrc1zb4qtvv3pdw51c6nskt1ekc1zc08s61cpm6wa0kynv7ka92r7zp6xwpepxd6d1pyassq18f8y5xbavmm3mznvesgxw63qt0s7js8fcdqt75xst1cyfsnmsjfcxrsabaaczha54b9xvmaharshadgcce8gs1xny543t2ymz4zcjyfmprjaqk8yet847r9vnsvg0hkh19xhyn9bc8qmmat0hhq7rxkm984ands46m5at3684yhhwp40btvjkh3bffj2qdwpbsfs72py5e2tz5mf2y74&b=YXekVwANihoKd58JAAh1WAfHmLyFpExdrExgtQ&cbvp=2
Requested by
Host: 405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
URL: https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.89.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
rar
as.ad4m.at/ad/ Frame 8021 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec5732a54153490e2a9a6ea40052bb85c1d25cad483436a45574a10522a4070
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jmxw3g8vnk2nw1nxk76hfm3jfrtm64tyw2nk2hx6v7tt5t3bngcg4emvja9e48j99syc7frgjat724m0sd8aake4ztvs54nj655km389cz1z3n7jtjq95dmxwm0dzxz0tgqkqqjkxpgqvwfq58by18ddvffdwzp8dw7m1aqzgqa2nfz6x3kkjzczpw45a83mhjk9h71hd4v9c35n62yz4wt344ntk96knbfr55yk27npa72h992zcwxpsr9nkyprc5pbfw3vd0tb4v2p9tx08pj8bnw16kdh3vszz7p6y46mzsn57cvw087y5vem1919kskaa4d9g8m4xcfz76001expcs3qqvjkcmgvq089qy1hb532mwn2yw1s0wtnz83643wsvthj3f2v0v4qn3acz2ahvkd9ehjkpfnbc8debkt8h0r68bsc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41baceea17426c-AMS
content-encoding
br
async_usersync
ib.adnxs.com/ Frame 7086 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c8eb7938-0ed4-4957-9c5a-0e7fcdeb3822
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 050B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJWft3FHOgnkJz80py1alGXjEctRSoZqryAQfe4uzI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJWft3FHOgnkJz80py1alGXjEctRSoZqryAQfe4uzImmuu4qEEnsr4ziAkvqxIwSdn4rwTWTx3L17v0D6vt9lSuC0V1wPCJ
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJWft3FHOgnkJz80py1alGXjEctRSoZqryAQfe4uzImmuu4qEEnsr4ziAkvqxIwSdn4rwTWTx3L17v0D6vt9lSuC0V1wPCJ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 050B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM_5LXJ2FNlA3MnbYFuUsB8&google_cver=1&google_push=AYg5qPLMN3yOvgjmw4mVDDtQWDMqKSZNQeOdsdsYCnFUcYPX2fRHSfDb9I6lTN8SuQPSyQ-7L5oaFlXYLMmByace-Vpqs2wsavVz
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 050B
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2q...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELQp2NWFqDAmJ4GUspa7HLk&google_cver=1&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2q...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2qRyYdIdVnme6vm1IbA&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2qRyYdIdVnme6vm1IbA&google_hm=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPIJwI8qg7mXvoSsOZXvLyF7wbnqZ7XejlC0qgwjdOHsTuEEe4M-cqZP2IMmXejujFI-68dlFB1i2qRyYdIdVnme6vm1IbA&google_hm=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame 050B
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPKIiGxl9ygl8V-hZcnMR75hu1XdCVoa_oD8v_oRV1rCPwNwC3BWtv4v0tKw-0MxY...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKIiGxl9ygl8V-hZcnMR75hu1XdCVoa_oD8v_oRV1rCPwNwC3BWtv4v0tKw-0MxYfkXtCetayz8n3aqYIDvLQ4rHiBAnMPC&google_hm=QTU2MUt0dTZzUVZtVndZQXgw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKIiGxl9ygl8V-hZcnMR75hu1XdCVoa_oD8v_oRV1rCPwNwC3BWtv4v0tKw-0MxYfkXtCetayz8n3aqYIDvLQ4rHiBAnMPC&google_hm=QTU2MUt0dTZzUVZtVndZQXgwTFhZZFE=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPKIiGxl9ygl8V-hZcnMR75hu1XdCVoa_oD8v_oRV1rCPwNwC3BWtv4v0tKw-0MxYfkXtCetayz8n3aqYIDvLQ4rHiBAnMPC&google_hm=QTU2MUt0dTZzUVZtVndZQXgwTFhZZFE=
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
us
sync.go.sonobi.com/ Frame 050B 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJK65ETxnzgMHMRPY-zimQZPpE7r_z-Yv1kW7Pdwx3kP8daBObQ2N1GxAtBeZ4ROUbL_kEWeVFT0uu88ZKHeeStMnQZmtg%26google_hm%3D%5BUID%5D&google_gid=CAESEBK-x977IQKEbR9AdxThYD4&google_cver=1
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pub
cs.chocolateplatform.com/ Frame 050B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEPe_uP3BEH3eKSn9P3DFk38&google_cver=1&google_push=AYg5qPL674LyrgS8bw4WA_aHnGKjbaXwWXPofycvUkO8utFVnXk3Xxn2fpDWIRrgXsNt_QNM7sEAwzXRX-0iprQKSSDvWnyUmFgT
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.212.101.174 -, , ASN (),
Reverse DNS
Software
Chocolate Cookie Sync Powered by Vdopia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
server
Chocolate Cookie Sync Powered by Vdopia
alt-svc
clear
content-type
application/javascript
pixel
cm.g.doubleclick.net/ Frame 050B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMLGW_0MN4VBTVnKkphQUNU&google_cver=1&google_push=AYg5qPIp1zonZ4y2YTq83r61G7yZMV0kFNbMzKdgf2dMwPnCUARRK7KSL8MOLDttpxP44xYuoG...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPIp1zonZ4y2YTq83r61G7yZMV0kFNbMzKdgf2dMwPnCUARRK7KSL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPIp1zonZ4y2YTq83r61G7yZMV0kFNbMzKdgf2dMwPnCUARRK7KSL8MOLDttpxP44xYuoGsNpzxeIH_rY839cGZX1M5i9L8h
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPIp1zonZ4y2YTq83r61G7yZMV0kFNbMzKdgf2dMwPnCUARRK7KSL8MOLDttpxP44xYuoGsNpzxeIH_rY839cGZX1M5i9L8h
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 050B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INKrVH2gsxfQLroyFuYuah-D49dAE6zqz7MoUaEFSGBOP_pkxLzv7kQj1AwfZPmZ__C0E9Mg
Requested by
Host: af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
URL: https://af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 54BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2261141832269456&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9B14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2094331154805026&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
frame.html
ad4m.at/ Frame 46F5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUW%2Bav3YgQm44LnYGvj3nNV58ToN6%2B0gN%2FirXgvOmBI1K%2FwKclDEJzo0CEJXJgUJJ5cb1sBYNPHds6GUPDFyfiqR2derdQ76LVmBvCLabYf%2FGRfmFdcl1iY%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bacf2aa9426c-AMS
content-encoding
br
sodar
pagead2.googlesyndication.com/getconfig/ Frame 11E4 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
de67ddc86e1ebfae5a26907587b6c323e374913db5379e6782e76b5de62e303d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8499
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 52EF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHvcXWKR3YdTcMNrH7_UP99SF2A2O4v3oYJ7XipfFC8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3yAEJ4AIAqAMBqgTfAU_Q302oYldskMq4S3qv317qt_CAqJ8TIyNyT_aOxWW6il_v9YD8xcpyJG3DC7iJNO4U3mRCeJKgH1Gs2_ftmbVX9_XctPQrCDym5mVFCJvVP_NFuVomLhWSKkk83yMqqSfYDVo3lyyxhoRDKj-QUtxy4iPn7VxBCkLtOytmG68DiACT61ZmRW7BLEEFCdrmrgQnUVjPu1Zp4kS0ntvJLRrgxehfAiOzEAS25cVbDU3Wfh_igaGMkIk6bFK7qbMqkEUskSqJPnXrMQEj-C1Q9ovBDW8cgPw6ifsG8i9Awe3gBAGABu_fnc-2h5OqK6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMyODI1NDcxMTQ4MDAzNDcYkP0S&sigh=Q3HavHyESl4&uach_m=[UACH]&cid=CAQSKQCNIrLMAov9vcSHElbZwcMLUgFH-5NJ93R7v9UaSThsyjPItGK0YVaAGAE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
nneccdbxkmpcq4yybi6bmginp4oawazykephqlc4nvvfgzyiobpquyt3kozos2du76y2jlwpvgyljhsrkda47bwznabfe52dgf7satbsq3emxmfxyxaotatzhsfpbf7cgqtm7fpmsr2sylfsja5dvwwe7rruq4tfki4es2jskzhqwkjoafkfeocjnezkm4glmbi7a...
s.kadxin.net/nurl/47/ Frame 52EF 		74 B
142 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.kadxin.net/nurl/47/nneccdbxkmpcq4yybi6bmginp4oawazykephqlc4nvvfgzyiobpquyt3kozos2du76y2jlwpvgyljhsrkda47bwznabfe52dgf7satbsq3emxmfxyxaotatzhsfpbf7cgqtm7fpmsr2sylfsja5dvwwe7rruq4tfki4es2jskzhqwkjoafkfeocjnezkm4glmbi7avkyvbennfcq75fmdx3h5rj44qvjgpnmj7ddtv4wcqemoo6dhhuwmqq3k6kuki4atajtik7uu6fnpfqubddtyezwt72kmluhscm2hguevysxiwjwbcfp5svd3kli5ka7pm3exb4vlibzji6gcewgjfqva6huzoq2avuykrgb4mquxjlesmkjnezfmt2lmeidsvcacbzbfyojoangcudykrjdrokw7jkcngldkcqfmugyjorpxyutwgpk7b5lkpiew7vykvdxsvrsjuytawlr7eyvpv2iilyhwkx2hnensmk665elzf6kkwjdxo6aqnlz6sh67kw5tk6hw2lm2v4sja45ws3lw45y3vovns7urjp3xdvvrosnnm3flx2p5rjoaucttbg3d6uiyrg4svdz4rljlqee6xv5ltddqb6ho===?1=1&data[]=16352308082720315712112770&v[]=3346697645&cur=USD&bid=YXekWAAMLlQIu-PaAAFqdxFeKWQehIcBuopLsQ&x=1
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 -, , ASN (),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 52EF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:24:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:24:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F011 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44408
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 52EF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Nov 2021 06:43:54 GMT
l
www.google.com/ads/measurement/ Frame 52EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAcYzwtLzw42Jjht18zCwn-BjLvqoApq2XnzXZa1rdTIfNWmmTMyK7OAgSVZ-p3xkkhc2d6A6xwiai0jCqkXyp25mxIw
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 52EF 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 20:55:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 25 Oct 2022 20:55:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 52EF 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 26 Oct 2021 06:46:49 GMT
frame.html
ad4m.at/ Frame 5828 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlNuo2YkKGSbYFSApoJ8XGp9AxvqmcSJrK1o3YzmMIrYylRUX82Y0T%2BcXwzWgDMF7LRFBtB5oqz1IR%2Fb7DE14nJ%2BO7jUKdtxQnVghpGTWmWdE4kJKvnNRlg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bacf4ad7426c-AMS
content-encoding
br
frame.html
ad4m.at/ Frame 9A5B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3c%2FeHTirwQ6y2NqsfVi1SCEAE8DcYPRHg2yvDfk3OE%2Bf4TLexxEKMYGz4zvfQ7iOfMjfkfRID6taIUVOlFxkXxuJB7dhtV4vto3oB8fzkA6y81dwb4uUoU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bacf6b00426c-AMS
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7C3D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 25 Oct 2021 18:26:41 GMT
expires
Tue, 26 Oct 2021 18:26:41 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
44408
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame A6FD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame B924 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 8B01 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411083
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bacfbb93426c-AMS
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 8B01 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69565
x-guploader-uploadid
ADPycduDVKAqrImukjhlYteElQMkMrYqokC1rGAPP0PymAQcPIf77FwZheoKbpTUE7JfdnrrSxlzL91UZkZh2eVQXHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:57 GMT
server
cloudflare
etag
W/"8117c73fc4e946a604517e9066dbb583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSYFf82%2B4BhBPg5hnw1g%2BeLvBt9F5SY07Iczht7EfsAzOrn2VH4KCWnxzImH66z%2BLYNswbV4%2ByfWv7tPaM%2BaBv8qqsUaPA06oeMrrbUaRzlyW00UDcQnMmo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729216993678
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11927
cf-ray
6a41bacfbb95426c-AMS
expires
Mon, 25 Oct 2021 11:27:24 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame C5C2 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411083
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bacfbb9e426c-AMS
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame C5C2 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69565
x-guploader-uploadid
ADPycduDVKAqrImukjhlYteElQMkMrYqokC1rGAPP0PymAQcPIf77FwZheoKbpTUE7JfdnrrSxlzL91UZkZh2eVQXHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:57 GMT
server
cloudflare
etag
W/"8117c73fc4e946a604517e9066dbb583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FYl1tqoRP0sM2OM3dpuP6D1vErTLCj%2BAnLYJ0D59cluCpVtHXp29mmqHlOk5XReQtbm0oUur%2BG9JGCKcHMs5n9KHYq3Ppek50xNnmkE3i3Yw8vPgv8e1q8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729216993678
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11927
cf-ray
6a41bacfbba1426c-AMS
expires
Mon, 25 Oct 2021 11:27:24 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 51BA 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411083
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bacfcbcc426c-AMS
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 51BA 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=anwisg==, md5=gRfHP8TpRqYEUX6QZtu1gw==
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
69565
x-guploader-uploadid
ADPycduDVKAqrImukjhlYteElQMkMrYqokC1rGAPP0PymAQcPIf77FwZheoKbpTUE7JfdnrrSxlzL91UZkZh2eVQXHo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 11:26:57 GMT
server
cloudflare
etag
W/"8117c73fc4e946a604517e9066dbb583"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WynUJ%2FPas5DM6YvR4qTnVfbK6arH9UXgbu5ZoNFlQ%2BZtXGpGnFvrSMFKRxKFjdTiMw17GcNOvODFbbF1xsP%2BviaIGsfxHii%2FN%2BeIRG0bZ3LFmRo%2BhWNq48Q%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634729216993678
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11927
cf-ray
6a41bacfcbce426c-AMS
expires
Mon, 25 Oct 2021 11:27:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 11E4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:49 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 8043 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 08A8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame CB2C 		753 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 14:03:40 GMT
etag
"1134380014-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
style.css
imagesrv.adition.com/banners/250/00/db/47/eb/css/ Frame CB2C 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/250/00/db/47/eb/css/style.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
201b52763c14cf8a556eef38b152e7dc46b871c7693f3334982d97b1c06968e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
last-modified
Thu, 26 Aug 2021 11:18:02 GMT
etag
"1972226128-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1313
script.js
imagesrv.adition.com/banners/250/00/db/47/eb/js/ Frame CB2C 		3 KB
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/250/00/db/47/eb/js/script.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
90f7df500c530563e5246b44d964dc2e4260e0699cc5f3a951ddf0ad1fe4119a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/250/00/db/47/eb/index.html?clicktag=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCrn35V6R3YfybGYPo3gOe9qCQBZKZlI1cyeK651nAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABr%2Dbm1gPIAQmpAsWfM4y3d7M%2D4AIAqAMBqgTjAU%5FQjbNpQBk2EWkSo3zYrJser4%5FBmNrPdFNQHq6OLcPG7vLThXy9sYH%5FsaRo81RPaKFAeueMzgKWup4ZV1wOrxMlOChnntWUnzMcm6GnBMCVn7f6RaEY3go%5FSWi41V2TT7UqOXyGpv3Fa0N3cZ0Li8DblawOniUr2YOTioK9pJhJOuMo473MQjrovOK4%5FmpJSlQbMkrtwMlwC9M0rRmwpwfyU%5F4y4KvAOeuskD15CGgqAqS6%2D1wxzcTQCDVnPZr24iuRpqq2eFuB%2D9D%5FTZaGGqiJIIqCfjsQqdh2KOSqKUMjDMHE4AQBgAazhJWjtJLDxGOgBiGoB6a%2DG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64%5F0qM13%5FohgG7nPv8ZrcK9ABhUDYPw%26client%3Dca%2Dpub%2D3282547114800347%26adurl%3Dhttps%3A%2F%2Ftracking.m6r.eu%2Fclick%2Fredirect%2Fslashed%2Fid%3Dadx%2Dauction%253A6177a457000726d90a77fb844302d76b%2Ftimestamp%3D1635230808354%2Ftarget%3Dhttps%253A%252F%252Fad3.adfarm1.adition.com%252Fredi%253Flid%253D7023262846072259801%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7023262841771980939%2526sid%253D4662864%2526kid%253D4646472%2526bid%253D14370795%2526c%253D53455%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
br
last-modified
Thu, 26 Aug 2021 11:18:02 GMT
etag
"1090113469-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
483
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A31 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=1063323530164287&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame ACD6 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
47c3229f09a92f232ab9463fb29fa03a6676b15fcec4fe419432c08159fd2b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8485
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame A386 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
X-Proxy-Origin
216.131.111.46; 216.131.111.46; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
31631454-5de7-4c53-a760-4b099dc2fa94
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 57D4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEAYq1bn9ar-62BR5452Unj4&google_cver=1&google_push=AYg5qPIX6Kcff0J-wl64KXFztqksFV2mSGkDIRMkyUqf_vM8GfSwJ2G5I-C_J9xlS1KiXEbowD74_...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIX6Kcff0J-wl64KXFztqksFV2mSGkDIRMkyUqf_vM8GfSwJ2G5I-C_J9xlS1KiXEbowD74_9-Rj1n5-B_SKaeMu6cEEGV4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIX6Kcff0J-wl64KXFztqksFV2mSGkDIRMkyUqf_vM8GfSwJ2G5I-C_J9xlS1KiXEbowD74_9-Rj1n5-B_SKaeMu6cEEGV4
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:50 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIX6Kcff0J-wl64KXFztqksFV2mSGkDIRMkyUqf_vM8GfSwJ2G5I-C_J9xlS1KiXEbowD74_9-Rj1n5-B_SKaeMu6cEEGV4
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
j9RPB8KBsRZw5tBQfSsAAA==
pixel
cm.g.doubleclick.net/ Frame 57D4
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELBRZF0bNMmxLQ2BEEHCG0g&google_cver=1&google_push=AYg5qPJ9rWDuzlsfzuw_0natc73n90femC6V5AxnPtcz1MecR1S9V19lwya6jdxSBy6RV6zuB9OVCnE...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESELBRZF0bNMmxLQ2BEEHCG0g&google_cver=1&google_push=AYg5qPJ9rWDuzlsfzuw_0natc73n90femC6V5AxnPtcz1MecR1S9V19lwya6jdxSBy6RV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=S4RMJeirSjeTWn-HmbGX02F3pFk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=S4RMJeirSjeTWn-HmbGX02F3pFk
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:48 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=S4RMJeirSjeTWn-HmbGX02F3pFk
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 57D4
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEAkOKuOR3K6tNpRJJ7V33yg&google_cver=1&google_push=AYg5qPKcSLAww9ZM_bbRTCAtXRZbvnr_UUvxuB8ZC3ro5WjlE8TRmRJJFmP96ls4BfYzuFqUH8BZzMTP06HI6nkT...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPKcSLAww9ZM_bbRTCAtXRZbvnr_UUvxuB8ZC3ro5WjlE8TRmRJJFmP96ls4BfYzuFqUH8BZzMTP06HI6nkT9r6jmd3310CC
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPKcSLAww9ZM_bbRTCAtXRZbvnr_UUvxuB8ZC3ro5WjlE8TRmRJJFmP96ls4BfYzuFqUH8BZzMTP06HI6nkT9r6jmd3310CC
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=4uGdcOA3Tyi_YQbVVm72Hw2&google_push=AYg5qPKcSLAww9ZM_bbRTCAtXRZbvnr_UUvxuB8ZC3ro5WjlE8TRmRJJFmP96ls4BfYzuFqUH8BZzMTP06HI6nkT9r6jmd3310CC
x-host
tde-deliveryengine-production-7f8fcb5db4-jpgk8
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 57D4
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESENlU70GSasHyBJvs_8QePu4&google_cver=1&google_push=AYg5qPJgM92N6jVieovsiMhSaupmHsyG05aNTDxPIHuNb80A5JusHTkuJetnn5BiwR2pY0c1ivkIVjSVUAH...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJgM92N6jVieovsiMhSaupmHsyG05aNTDxPIHuNb80A5JusHTkuJetnn5BiwR2pY0c1ivkIVjSVUAHarXdbFZuEg2MAcMk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJgM92N6jVieovsiMhSaupmHsyG05aNTDxPIHuNb80A5JusHTkuJetnn5BiwR2pY0c1ivkIVjSVUAHarXdbFZuEg2MAcMk
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPJgM92N6jVieovsiMhSaupmHsyG05aNTDxPIHuNb80A5JusHTkuJetnn5BiwR2pY0c1ivkIVjSVUAHarXdbFZuEg2MAcMk
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 57D4
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEM69U3a1AallweLTK-DWo1g&google_cver=1&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn...
0
0
pixel
cm.g.doubleclick.net/ Frame 57D4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFFLyjnVGRdavkUv4kfTrbo&google_cver=1&google_push=AYg5qPLuljXFzfigCpDFd5WCKI_fsF_bhgQDjlQdk8dO-2mqMcUWCk24zOAQDTn9R-XPuFHWAbHHiryuwaG8P0ah0LdEmHU734yc
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPLuljXFzfigCpDFd5WCKI_fsF_bhgQDjlQdk8dO-2mqMcUWCk24zOAQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPLuljXFzfigCpDFd5WCKI_fsF_bhgQDjlQdk8dO-2mqMcUWCk24zOAQDTn9R-XPuFHWAbHHiryuwaG8P0ah0LdEmHU734yc
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPLuljXFzfigCpDFd5WCKI_fsF_bhgQDjlQdk8dO-2mqMcUWCk24zOAQDTn9R-XPuFHWAbHHiryuwaG8P0ah0LdEmHU734yc
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 57D4
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPKd9YrDemNi31NVjiOI6wSqGtfEboobxb6n6mEJ1mxp8_MNfn1guozm3MYdXpx5XMuRjDLzZcNjeM01hO77KiHUYpizrWM
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKd9YrDemNi31NVjiOI6wSqGtf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKd9YrDemNi31NVjiOI6wSqGtfEboobxb6n6mEJ1mxp8_MNfn1guozm3MYdXpx5XMuRjDLzZcNjeM01hO77KiHUYpizrWM&gdpr=&gdpr_consent=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKd9YrDemNi31NVjiOI6wSqGtfEboobxb6n6mEJ1mxp8_MNfn1guozm3MYdXpx5XMuRjDLzZcNjeM01hO77KiHUYpizrWM&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 26 Oct 2021 06:46:49 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 57D4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBT_ImgGcNBpFDa2CTeDx_YmXZbX64mc5TBmiOgzZlU5QdP6M72rGiLpeFa68sODoJcQOu
Requested by
Host: f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
URL: https://f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame D015
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEMhuV-zxyf89e83YrUSi6O4&google_cver=1&google_push=AYg5qPKSq1qhJcxQKPbmi8NdgbKe8N6yiRQ9iFbASU0PrsD4rw-OSVPR3QAy_7MmDMQj5sNU0oUEdX46KHuSYj80I9zPHEVFE48Q
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPKSq1qhJcxQKPbmi8NdgbKe8N6yiRQ9iFbASU0PrsD4rw-OSVPR3QAy_7MmDMQj5sNU0oUEdX46KHuSY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPKSq1qhJcxQKPbmi8NdgbKe8N6yiRQ9iFbASU0PrsD4rw-OSVPR3QAy_7MmDMQj5sNU0oUEdX46KHuSYj80I9zPHEVFE48Q
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPKSq1qhJcxQKPbmi8NdgbKe8N6yiRQ9iFbASU0PrsD4rw-OSVPR3QAy_7MmDMQj5sNU0oUEdX46KHuSYj80I9zPHEVFE48Q
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame D015
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ&b...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ&google_hm=opYnSXy3k00AAikABlF8u1n-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ&google_hm=opYnSXy3k00AAikABlF8u1n-uw%3D%3D
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f17-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPJE7aaDfGNqEls3ebFUxt_bRUkc43T4n85ig3glWjqqyW9tL5l8Ng0gToCS7jLOrxTZt1zX0nKgpYU0M7H4-thLLdaj3IQ&google_hm=opYnSXy3k00AAikABlF8u1n-uw%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame D015 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEO20rtuKvFbVWOk-lWWxFLI&google_cver=1&google_push=AYg5qPLChsXeKH8RSnYlbFhC5MhGpX2fdR61hh5e1ye9i7RjPcI8tqcYqHsNDT8QHJ4TTtFzZv_U4dZFGkT39Az0ZI6_A5W5_-QQ
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 06:46:49 GMT
pixel
cm.g.doubleclick.net/ Frame D015
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPIrvZSAxEUChkj5orQV5-YW1SHOhVZ1L4UVSIc3OMRn11ccIJhLueKTpgo9m9KTzsKCsRS93-huqNNo7tiEOvKxJuO...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrvZSAxEUChkj5orQV5-YW1SHOhVZ1L4UVSIc3OMRn11ccIJhLueKTpgo9m9KTzsKCsRS93-huqNNo7tiEOvKxJuOOESyY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrvZSAxEUChkj5orQV5-YW1SHOhVZ1L4UVSIc3OMRn11ccIJhLueKTpgo9m9KTzsKCsRS93-huqNNo7tiEOvKxJuOOESyY
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrvZSAxEUChkj5orQV5-YW1SHOhVZ1L4UVSIc3OMRn11ccIJhLueKTpgo9m9KTzsKCsRS93-huqNNo7tiEOvKxJuOOESyY
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
us
sync.go.sonobi.com/ Frame D015 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJG1OuFNNy6WodBvR8TRNI-GW-T1PEmhDwLRf0aFbPbXEsQ94_vTkhzeDMKt4ITpmm9vfdSzriGbazNwXJ8-31mVKUNC3GL%26google_hm%3D%5BUID%5D&google_gid=CAESEBK-x977IQKEbR9AdxThYD4&google_cver=1
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
exptsync
ads.yieldmo.com/ Frame D015 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEE4xiGVSR6kA1ezI2Ldeuzo&google_cver=1&google_push=AYg5qPImv0Ete8dE-LPMXpfBaC7eUm4gybmJsUAe2prHNGVOJox4gtKFdExzU8gXNuvfgrBieIf_oM1nojr_3O-W9rBctb0zqWJS
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.74.33 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
pixel
cm.g.doubleclick.net/ Frame D015
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESELEqbxDXWYkmcRTkDA1hP88&google_cver=1&google_push=AYg5qPIiJo2GL4onTEsF8ZkTjrdakDX8ho30fwZxc80mZRyc-A03wpZbJnjn6TAfTxStM5uczi2Mfb9b9vW1SMFQ_J9Q8ouscjrX
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIiJo2GL4onTEsF8ZkTjrdakDX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIiJo2GL4onTEsF8ZkTjrdakDX8ho30fwZxc80mZRyc-A03wpZbJnjn6TAfTxStM5uczi2Mfb9b9vW1SMFQ_J9Q8ouscjrX&gdpr=&gdpr_consent=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&mn_hm=Mjc4MjMyNDA4OTIzMzQ0MzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIiJo2GL4onTEsF8ZkTjrdakDX8ho30fwZxc80mZRyc-A03wpZbJnjn6TAfTxStM5uczi2Mfb9b9vW1SMFQ_J9Q8ouscjrX&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 26 Oct 2021 06:46:49 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D015 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHd5XLZ-xO2mgirtYxj7aK1Dqaj0ZMkZWLsh-a8KZ8uCl9CfQJZ2ZD4v-rlLdJvaZNCsjp
Requested by
Host: 5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
URL: https://5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 2159
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENqjNHC7y5pqBVFPKXcoHts&google_cver=1&google_push=AYg5qPJ_eQIaTBfkcPlw2ntQjrAesNSX38D746HDO6WszzL0Evvz18ooDQ...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_eQIaTBfkcPlw2ntQjrAesNSX38D746HDO6WszzL0Evvz18ooDQma0DVQEJtZRzV7hFnpgJ8CsKYJYvl1-BRiNhRImAPi0A&google_hm=ixne...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_eQIaTBfkcPlw2ntQjrAesNSX38D746HDO6WszzL0Evvz18ooDQma0DVQEJtZRzV7hFnpgJ8CsKYJYvl1-BRiNhRImAPi0A&google_hm=ixneLUyw1cTSkm6CyqYZsw
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJ_eQIaTBfkcPlw2ntQjrAesNSX38D746HDO6WszzL0Evvz18ooDQma0DVQEJtZRzV7hFnpgJ8CsKYJYvl1-BRiNhRImAPi0A&google_hm=ixneLUyw1cTSkm6CyqYZsw
pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2159
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJgzRrktT3ldw5hSzRNzgbTFThQ74Xgtg3sA1j6ZR1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJgzRrktT3ldw5hSzRNzgbTFThQ74Xgtg3sA1j6ZR18GnS8ZA1-kvqJv467_8oKeSyKBoqqM2nPYVkAQPy4C8WNPUQwkAai6A
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NUpwS29zengxTUZnZXM1&google_gid=CAESELWPjgogZE6Oke0RnR3OzCk&google_cver=1&google_push=AYg5qPJgzRrktT3ldw5hSzRNzgbTFThQ74Xgtg3sA1j6ZR18GnS8ZA1-kvqJv467_8oKeSyKBoqqM2nPYVkAQPy4C8WNPUQwkAai6A
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2159
Redirect Chain
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l
  • https://px.adhigh.net/p/gm/rub?google_gid=CAESEKI-FTpfkI0NZbyenBhA8pI&google_cver=1&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l&...
  • https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l&google_hm=opYnSXy3k00AAikABlF8u1n...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l&google_hm=opYnSXy3k00AAikABlF8u1n-uw%3D%3D
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f17-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPKJPU3ujaXCWiNHrIQG0tcBUh2VRRwVr37IEQtFV5ky-51np6sKr1Palbrz25rEMVWas-UKfPmzfWrz52BT8sWhwU_NEw1l&google_hm=opYnSXy3k00AAikABlF8u1n-uw%3D%3D
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2159
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIwsnHAQG4TUK6b1NEMIN4U&google_cver=1&google_push=AYg5qPKF9eB93q32UhcEcDObvlwfAf5cFw2tMELfgBhr6SJ96C8qbnORH355PC4vCG2FimBgltYMmWqZJZe7wvoLUrRc...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKF9eB93q32UhcEcDObvlwfAf5cFw2tMELfgBhr6SJ96C8qbnORH355PC4vCG2FimBgltYMmWqZJZe7wvoLUrRcm25e5wsmYw&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKF9eB93q32UhcEcDObvlwfAf5cFw2tMELfgBhr6SJ96C8qbnORH355PC4vCG2FimBgltYMmWqZJZe7wvoLUrRcm25e5wsmYw&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKF9eB93q32UhcEcDObvlwfAf5cFw2tMELfgBhr6SJ96C8qbnORH355PC4vCG2FimBgltYMmWqZJZe7wvoLUrRcm25e5wsmYw&google_hm=2ltAiSeVQ4SwVHTiUMdEGA==
Date
Tue, 26 Oct 2021 06:46:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2159
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPI_6MSqCmEI4s82fh9rctx8uSkvlBVCHEfOq0Aod0vp7hapnIBU4QN4Gxw3A4izAakB99bEagDF4CcX3aQ35F4t5e9...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI_6MSqCmEI4s82fh9rctx8uSkvlBVCHEfOq0Aod0vp7hapnIBU4QN4Gxw3A4izAakB99bEagDF4CcX3aQ35F4t5e96taI8Zw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI_6MSqCmEI4s82fh9rctx8uSkvlBVCHEfOq0Aod0vp7hapnIBU4QN4Gxw3A4izAakB99bEagDF4CcX3aQ35F4t5e96taI8Zw
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI_6MSqCmEI4s82fh9rctx8uSkvlBVCHEfOq0Aod0vp7hapnIBU4QN4Gxw3A4izAakB99bEagDF4CcX3aQ35F4t5e96taI8Zw
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 2159
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKInnx_BBIPZJ79LEi3WizKMIKATaaU4RLWuoDC5YFBiXb4-jkff1Lq1fqKVBTQeKXZ0py45NZ-...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKInnx_BBIPZJ79LEi3WizKMIKATaaU4RLWuoDC5YFBiXb4-jkff1Lq1fqKVBTQeKXZ0py45N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKInnx_BBIPZJ79LEi3WizKMIKATaaU4RLWuoDC5YFBiXb4-jkff1Lq1fqKVBTQeKXZ0py45NZ-WunQbOc2Iq4R3K92BJvcWg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5NDYwNDAwNDgwNDU2OTEyMw&google_push=AYg5qPKInnx_BBIPZJ79LEi3WizKMIKATaaU4RLWuoDC5YFBiXb4-jkff1Lq1fqKVBTQeKXZ0py45NZ-WunQbOc2Iq4R3K92BJvcWg
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2159
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMLGW_0MN4VBTVnKkphQUNU&google_cver=1&google_push=AYg5qPJ7oRAtC_EJV2Tj2Ip03ZmUH5_4eTpmjHqDXrkbTWX9WCgJoDdbssdjgRpxkELdBIlCRA...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPJ7oRAtC_EJV2Tj2Ip03ZmUH5_4eTpmjHqDXrkbTWX9WCgJoDdbs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPJ7oRAtC_EJV2Tj2Ip03ZmUH5_4eTpmjHqDXrkbTWX9WCgJoDdbssdjgRpxkELdBIlCRARaREq2lipcxNMJjbUv5ETKu-tK8Tc
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1MWDF2UlBaRTJ1RVNOSDRLRDlpUkZlWDhpNC5xcUdyN35B&google_push=AYg5qPJ7oRAtC_EJV2Tj2Ip03ZmUH5_4eTpmjHqDXrkbTWX9WCgJoDdbssdjgRpxkELdBIlCRARaREq2lipcxNMJjbUv5ETKu-tK8Tc
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2159 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J924JshdeEIfagZzGeHYZEwD9MIgb1FWceUyjRxTzD7t2kCoqQP9LMIJLQhUs3E0TisNfNAg
Requested by
Host: ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
URL: https://ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 8021 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411083
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bad08d24426c-AMS
cf-bgj
minify
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 8021 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2647832
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdv9tyZF4dTVStbxgj6tc9lOt0Zreaot0r7mhKXNmsnJ-HaaqQCWwQNjYgGcRBLzb03pdNOdk9jylkiuz5XlqhM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSjFLeveQ4gDj5HGFZKVUhP1VBssH%2FBAchXXYKezJk7RNS8uy63pNkONHNIuryQgdz7SzHsUGtmTSk0ucLfZ%2B1%2BV7saxJJ3Ra470LM5qgngsgEmcXU%2BtcZNCtXoBeU%2BK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:49 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6a41bad08d674c98-AMS
cf-bgj
imgq:85,h2pri
923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 8021 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475877
cf-polished
qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid
ADPycdsngGFBOf1NwtK5ADGe0e-Cq8Oc185wwEHc4Dtvq0CTvcq4WmELbUIWWWbstzoq3Hi2N_JiTM-T4S_zGSppaZ0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10372
last-modified
Fri, 18 Sep 2020 09:05:40 GMT
server
cloudflare
etag
"0d69fd9136fbb169fa63568d6c765a6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2psl02H9M0YIR3I%2BrTXyk7BiGE4e461TBkYhzP9Sp3taJJPdIYYAN9sq2pD2Vo4gpt5gGh7dqVW6NnwlA%2F7zFQFOJSNfAsBMsIaIxUoS2D7r7EKUm8yJEzLSYtnrAVv"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600419940053465
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:49 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12438
accept-ranges
bytes
cf-ray
6a41bad0adaa4c98-AMS
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 8021 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1602455
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycduE4kw57FRczPzc41nU68uVFYl3T-B9ZnlwtwFgcac-lb3gJCvfhVPQP0pvGYUnXKm81fY4ihWjp8YHDc4b2ZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KUoRgVn2rWpyTELouZFRM7lj0wdYE8X5%2Fn0kMh7yVuEJEbZ8znxeANXFK5VteupUcosSmNkdjhh8gji1%2FUcUsLG9JUwR8%2B6UnSrMM1B2gYFyMqLGehrWz5xL7HNM9NJ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:49 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
6a41bad0adb14c98-AMS
cf-bgj
imgq:85,h2pri
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 8021 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47951
cf-polished
qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid
ADPycdvNLh1M_KXslA6DIgMY1sEHzqR2PUG-QFmmMl5NEmsL-TtAZUbc7WT9AhCHkcdbA0wt5NKozgPEvXDohIWYuJs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30226
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FSFm3FIkfr%2FxhZkvCTwJvaYqLR2EiGlaXkH5LBDb4BGqe8eBhwVF9iJhZunpq6JECDz4MAn4SpddEg9hihLqqPnTzi40aug352AHNqhBl%2FcZ6f0SO6WegL7qlzLNRi%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586422222365290
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:49 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
81547
accept-ranges
bytes
cf-ray
6a41bad0adb34c98-AMS
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 8021
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKfxqry95_MCFcO43godwAcKOQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f183f50-3628-11ec-8a48-2265030db828
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f183f50-3628-11ec-8a48-2265030db828
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.139.77 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Tue, 26 Oct 2021 06:46:50 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f183f50-3628-11ec-8a48-2265030db828
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 8021 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475341
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdu4E7GhIqiinz8O7RvQ1LQeGCHbl_M4kVGNwyzXKL3RJWDb50FEmS0VEVEZ8TuyzSR7Oglb3u05taTYMctIYhI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6390
last-modified
Wed, 18 Aug 2021 10:34:33 GMT
server
cloudflare
etag
"26c84ef9c719f5cf615a799a8667d2e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLIlVDWMuXZZuIeZlG8zRdzDvYJn0A%2FpxMB7XJEC3uPwFX551%2F5LDpEVF8coRP0OCmOfxxqUIu4uc4flezkW7nHMbKb9FNa10O122pxRKHdUoBUk60hKfFu6RRlqhchk"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1629282873725600
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:49 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6a41bad0adb44c98-AMS
cf-bgj
imgq:85,h2pri
8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 8021 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date
Tue, 26 Oct 2021 06:46:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
754839
cf-polished
qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid
ADPycdveeIOPzUC9IR7cumHOj7FCZRC8bmSjifAygs48Cw2_kOPfsaZZSZZxXHKTigz1j75xAq0Wvk46jEOZ4oap1aPa8Ffkbg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28448
last-modified
Tue, 03 Aug 2021 12:47:14 GMT
server
cloudflare
etag
"6d92776609fcae3d35627b3987f9b1e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H79b4qJqDo6s8SD%2FowUJn2O2a0YmHAP7jihDzsGPQwGaeD03YYMD76XthDOeEjdIZwsjv0L25dzmr1z7K8d9PiVrqPsdYmvJbGol9f%2F1QnR6ScF7%2F%2BGT%2BrOleCM%2BZgc"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1627994834652806
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:49 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
82379
accept-ranges
bytes
cf-ray
6a41bad0adb54c98-AMS
cf-bgj
imgq:85,h2pri
tsv
neso.r.niwepa.com/ts/i5542019/ Frame 8021 		43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneid5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.187.117.15 -, , ASN (),
Reverse DNS
Software
nginx/1.13.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
last-modified
Tue, 26 Oct 2021 06:46:49 GMT
server
nginx/1.13.9
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1B43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=3761144809957779&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame BAB5 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
01de13a87bf28fa0a92b44ae7eefc69fce048c9ca5eb598a649b551f86505c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8496
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7893 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
35bd60f0a8c0a5a421aeca7cd9ad272c748dad0dfded1c099c4cc5d8733fc131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8482
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ACD6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:49 GMT
frame.html
ad4m.at/ Frame 40E2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KR5tBMoG4wKYg3c0Rgv76zcXVlxKd1fz%2BpspwE4hkbmq2qCI0TPPFtSMu3n8Gv9Pb7DqqEr9XsNVR%2FUqDL%2FPFSIBubjrP7N6RgjnWKbOF6lID8k6SUyxS0%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bad11e2a426c-AMS
content-encoding
br
frame.html
ad4m.at/ Frame C9F9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PND7mCxaToNVzvLgh0rBfqjYC9v9KJEL%2BvxBYnyR%2FebmcPk4G08zFPn8%2BUNPx26BORk47nSw3t7fudC310Nf9QdGr2RTQhiZv28uK9eUOsu0ZhEbLf56RQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bad11e2d426c-AMS
content-encoding
br
frame.html
ad4m.at/ Frame 2FFF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycduut8uxxnCmgfCgO-BXuJ1ZwEx-zUwxyKiVPQrv0F3a8lM8aysuKxos2YcZU4Snt07O1Y9WdK60q0zgWn4mL-8
expires
Tue, 26 Oct 2021 07:46:49 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2015225
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bvl8AxkkhGt%2BKGO5wApAzWWDsaHvJAM7a4fLsmwPXCdxlfJ5%2FZa2G1ATTsJMkKoZIqzK%2Bcz59HG9K4Run%2FPHTMfrQ5JG58rg72Ejy5g1oTdblPyzVayqMJQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6a41bad11e3b426c-AMS
content-encoding
br
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D47C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
210
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 0E3F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
5571300fc085741dee82747cc9494a5f68d68cd2793e996590337633233bd633
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TLDUoFWpP0IzjXNfEBz1IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:49 GMT
date
Tue, 26 Oct 2021 06:46:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TLDUoFWpP0IzjXNfEBz1IA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 78A8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BAB5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com&bust=31063261
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7893 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C14A 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b26ffbf3e283bd62b22d1fdcffa22a01365b3968d4f1e72fc30ded771e990b3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Oct 2021 06:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8531
x-xss-protection
0
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame EA6C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
link.html
track.webgains.com/ Frame 8021 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
df443491539f844f7cc2d51b2dcc180e4415d02fe15a050c7cb7847cdaa9be53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Last-Modified
Tue, 26 Oct 2021 06:46:50 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1396
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F011
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEMhuV-zxyf89e83YrUSi6O4&google_cver=1&google_push=AYg5qPIaPUbUgEnhfABBb-gEOYDS5HWTbKlmEGkQWjuItHCV_cPudNxLSY7il7llS69fgDJGVnQnSXtab9upgaTz75wA9Q9O7xE
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPIaPUbUgEnhfABBb-gEOYDS5HWTbKlmEGkQWjuItHCV_cPudNxLSY7il7llS69fgDJGVnQnSXtab9upg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPIaPUbUgEnhfABBb-gEOYDS5HWTbKlmEGkQWjuItHCV_cPudNxLSY7il7llS69fgDJGVnQnSXtab9upgaTz75wA9Q9O7xE
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=ZFFEblBBS2lCMGVXaGNTc1dhUjNZUQ%3D%3D&google_push=AYg5qPIaPUbUgEnhfABBb-gEOYDS5HWTbKlmEGkQWjuItHCV_cPudNxLSY7il7llS69fgDJGVnQnSXtab9upgaTz75wA9Q9O7xE
date
Tue, 26 Oct 2021 06:46:50 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
242
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame F011
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEMrX5n7ZyXDEVy7z6rZYg&google_cver=1&google_push=AYg5qPIlcI9LC-lCXjQ8CeZBbxazEVW29YgyZX75jk2wXvvyTX_2kDHvbBJ3DS79oCXt53c-YhMu_uW5ytIc4zVvApHuFL6...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlcI9LC-lCXjQ8CeZBbxazEVW29YgyZX75jk2wXvvyTX_2kDHvbBJ3DS79oCXt53c-YhMu_uW5ytIc4zVvApHuFL6Xzvs&google_hm=MTQwMzA3NjkyMzcyMjc3MDg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlcI9LC-lCXjQ8CeZBbxazEVW29YgyZX75jk2wXvvyTX_2kDHvbBJ3DS79oCXt53c-YhMu_uW5ytIc4zVvApHuFL6Xzvs&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 26 Oct 2021 06:46:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIlcI9LC-lCXjQ8CeZBbxazEVW29YgyZX75jk2wXvvyTX_2kDHvbBJ3DS79oCXt53c-YhMu_uW5ytIc4zVvApHuFL6Xzvs&google_hm=MTQwMzA3NjkyMzcyMjc3MDg0Mg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame F011
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEAJl9XfjGV92pfjgA8o9Wkc&google_cver=1&google_push=AYg5qPJpCydfgSxlDLOaDEBtQlXvBaMaxAnp-X8ji_l5SU4lCYAFRcEJI_bYT71m0RgYo...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJpCydfgSxlDLOaDEBtQlXvBaMaxAnp-X8ji_l5SU4lCYAFRcEJI_bYT71m0RgYoSlHn1RPpfstw4W1p6LAJaBFCbtefA&google_hm=QTdBemg1Vjk3cVlfbF92UDItbn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJpCydfgSxlDLOaDEBtQlXvBaMaxAnp-X8ji_l5SU4lCYAFRcEJI_bYT71m0RgYoSlHn1RPpfstw4W1p6LAJaBFCbtefA&google_hm=QTdBemg1Vjk3cVlfbF92UDItbnBBUEE=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJpCydfgSxlDLOaDEBtQlXvBaMaxAnp-X8ji_l5SU4lCYAFRcEJI_bYT71m0RgYoSlHn1RPpfstw4W1p6LAJaBFCbtefA&google_hm=QTdBemg1Vjk3cVlfbF92UDItbnBBUEE=
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame F011
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60&google_hm=aLDK9bghz6YCCaxBVzeURg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60&google_hm=aLDK9bghz6YCCaxBVzeURg==
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLXK9obOUEHBj14sn5PLnM7vkvQp-DAMtj7DXI5-0zlPFd_i3bk3y9W9tlfYsW9ed9tSfzsh7MZMpXwwU6tAJ6UoJWFR60&google_hm=aLDK9bghz6YCCaxBVzeURg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
bj42nntr6ee6bpcnsclerethtssc2lj0
pixel
cm.g.doubleclick.net/ Frame F011
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_cver=1&google_push=AYg5qPKKH_v9Wz3EUlgS7xLSmacKsqVICllAsaUjAkAzl96uXs8mEsPAlN_aSDuxUEtmac2SfX5eDVRoN1bLJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKKH_v9Wz3EUlgS7xLSmacKsqVICllAsaUjAkAzl96uXs8mEsPAlN_aSDuxUEtmac2SfX5eDVRoN1bLJUXGTHskmUlE-ls&google_hm=b0hxYUFRdlFJbDBmdW9pR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKKH_v9Wz3EUlgS7xLSmacKsqVICllAsaUjAkAzl96uXs8mEsPAlN_aSDuxUEtmac2SfX5eDVRoN1bLJUXGTHskmUlE-ls&google_hm=b0hxYUFRdlFJbDBmdW9pRGtiZFU=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPKKH_v9Wz3EUlgS7xLSmacKsqVICllAsaUjAkAzl96uXs8mEsPAlN_aSDuxUEtmac2SfX5eDVRoN1bLJUXGTHskmUlE-ls&google_hm=b0hxYUFRdlFJbDBmdW9pRGtiZFU=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
us
sync.go.sonobi.com/ Frame F011 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPI2CqMRoJ0fj7XlJnWAvX5RDVhCS-vlbwQkYyvB93tTB54KCAT8ZX-dpOqfqhA4jEIy95KmdBHwqh8BC6nGG7FVMHEsbw%26google_hm%3D%5BUID%5D&google_gid=CAESEBK-x977IQKEbR9AdxThYD4&google_cver=1
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
dot.gif
s0.2mdn.net/ Frame F011 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEED1ov7KovYknr6wrEtDxc8&google_cver=1&google_push=AYg5qPJnOGBeppjZOi6lLTrOmPDiA2jcL0B2NY4EjrhUAqrwfu5Cmu9pga38VYIYNfkClyZl7ZQMogqUMhtgwc3NTGwFgUGERlaI
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Oct 2021 06:46:49 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F011 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4ddRlrkuuGYydpJ8lNZwBbycuPSecm_fSXsmONxLg983zk4UUj8QFhyLGDmDszBQrQtB1vA
Requested by
Host: 92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
URL: https://92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 7C3D
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEAXNy8YM_WZCwUy1wNWC5XY&google_cver=1&google_push=AYg5qPLJgakh8XDrzRGaVCDygyoXMIhTVkCXRbXZtBQ3_3oA_MUiErbC8ZXh_y8Qws2xuzJuSKEpMyG8BnnyNSQ2xiNpvF29fL63Jg
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
date
Tue, 26 Oct 2021 06:46:50 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 7C3D
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8g
  • https://rtb.openx.net/sync/dds?google_gid=CAESECnKyOoRcfut5vzhPV7MSEQ&google_cver=1&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8g&google_hm=aLDK9bghz6YCCaxBVzeURg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8g&google_hm=aLDK9bghz6YCCaxBVzeURg==
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:49 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJyMTP9Q3HAaDLLgrqvc_ju-2eeqzLKOkR_cFiXEAl9rSr9Mfik-G9vGo7xps-GO99RAEWBE7hfuW2LkdpIU9lrwP7x-S5l8g&google_hm=aLDK9bghz6YCCaxBVzeURg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
ua3ev39qeh24eqehtdmq5r1guuvrrt47
pixel
cm.g.doubleclick.net/ Frame 7C3D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKgHrq6R5LT4cUsThnDE4gE&google_cver=1&google_push=AYg5qPITSaanIgjpOXv1aqD-G-b1KFm58yInBCYwXC6F5UmRgpX9vrdPpLDUt_dYyqrvxnPkbpahMBB0oAgmJEk...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPITSaanIgjpOXv1aqD-G-b1KFm58yInBCYwXC6F5UmRgpX9vrdPpLDUt_dYyqrvxnPkbpahMBB0oAgmJE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPITSaanIgjpOXv1aqD-G-b1KFm58yInBCYwXC6F5UmRgpX9vrdPpLDUt_dYyqrvxnPkbpahMBB0oAgmJEkmM3UkBx8dVdcYvA
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPITSaanIgjpOXv1aqD-G-b1KFm58yInBCYwXC6F5UmRgpX9vrdPpLDUt_dYyqrvxnPkbpahMBB0oAgmJEkmM3UkBx8dVdcYvA
Date
Tue, 26 Oct 2021 06:46:50 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 7C3D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA7g2GGIKbPQpyXkZOGntS4&google_cver=1&google_push=AYg5qPJlf5SZ38esdmLMq6SyOoDCDu22NnxSvFYXy6EMC9d30RpPyRg4_R5AREv4M0Un_kKaRa7...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdDNlgtSi1CMjhP&google_push=AYg5qPJlf5SZ38esdmLMq6SyOoDCDu22NnxSvFYXy6EMC9d30RpPyRg4_R5AREv4M0Un_kKaRa7tvmEsxacPiU0YMcl_JdMCzrGK0A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdDNlgtSi1CMjhP&google_push=AYg5qPJlf5SZ38esdmLMq6SyOoDCDu22NnxSvFYXy6EMC9d30RpPyRg4_R5AREv4M0Un_kKaRa7tvmEsxacPiU0YMcl_JdMCzrGK0A
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y3UTdDNlgtSi1CMjhP&google_push=AYg5qPJlf5SZ38esdmLMq6SyOoDCDu22NnxSvFYXy6EMC9d30RpPyRg4_R5AREv4M0Un_kKaRa7tvmEsxacPiU0YMcl_JdMCzrGK0A
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7C3D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELJsxJGzPCZsQAT2_U6bzGQ&google_cver=1&google_push=AYg5qPL2ZDb3dUmibtBYLWoPP5SOufRZf7HjpA90bhVJqvzt_HanxAaR2qMOB94-vKPZyWjoVQO_EUJmGIp8Q_BFE...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2ZDb3dUmibtBYLWoPP5SOufRZf7HjpA90bhVJqvzt_HanxAaR2qMOB94-vKPZyWjoVQO_EUJmGIp8Q_BFEo2Iix-BXCAJIw&google_hm=cf745295171a9a0440ed...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2ZDb3dUmibtBYLWoPP5SOufRZf7HjpA90bhVJqvzt_HanxAaR2qMOB94-vKPZyWjoVQO_EUJmGIp8Q_BFEo2Iix-BXCAJIw&google_hm=cf745295171a9a0440edb135
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:50 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2ZDb3dUmibtBYLWoPP5SOufRZf7HjpA90bhVJqvzt_HanxAaR2qMOB94-vKPZyWjoVQO_EUJmGIp8Q_BFEo2Iix-BXCAJIw&google_hm=cf745295171a9a0440edb135
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 7C3D
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHNv3...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEBfeb0FH5sgBRTseeaHsPDM&google_cver=1&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHN...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHNv3Iw6CucGaK9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHNv3Iw6CucGaK9dnu_sZR7Y4OVa_td8XKd6Q8R253Cod22NnIg
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 26 Oct 2021 06:46:50 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA3ZTBiMTVkMi0zNjI4LTExZWMtOTJmMS0wNmM2MzNkNTk0MTI%3D&google_push=AYg5qPJ-d8_CNhNLIMXQNm1WGqHTK3DXYZ7jA5fT5vXL7o7R6i6NHNv3Iw6CucGaK9dnu_sZR7Y4OVa_td8XKd6Q8R253Cod22NnIg
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7C3D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImcGBSyQztPBdZitvJ4GfkTbmPuKuly6TB6po3O9ds4-LBKQbagXFNNEnLPzNkBXs
Requested by
Host: f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
URL: https://f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rtimp
g.rtbrain.app/ Frame 38E2 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.rtbrain.app/rtimp?sid=7e0eb148-3628-11ec-9a5d-4aafd4d64344&d=sorrelma.com&cr=dts_gen2__23&gid=CAESEOrRm-oHGPl89DFpZVLHP6c&a=imload&p=YXekWAACxQUK4DDSAAnvnOTMk66QqosQHNQOZQ&r=712539018&ow=1600&oh=1200&tzof=0&tz=Etc/Unknown&pxr=1
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.128.115 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
access-control-allow-headers
Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C14A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3436491155956402&plah=sorrelma.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 26 Oct 2021 06:46:50 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qR%2FhuiigUfzEMKWssT4XGrHKuGJpan7fr9L8WsZ%2BqTwFeyGI6qioLZgX1IZbffgREoAZqHtlSO7Xx%2B7EP%2Ft4v%2BYJqbru%2BuDzQanvQjMeSJHX8uOVOwzZ%2BDA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bad2ad3639bd-CDG
rs
ad4m.at/ Frame 2951 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b220108e1a2d543d5ad7e8b0357df23ff8caa23ec9b5d2967335eb30a61c6e43

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bad2dd8539bd-CDG
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLmfVGCZA8FW9n3i9%2FKxBQupRUJdHMK978iy0Ch%2BF%2BCYgf0sZFtmYV3H1cWH5X4Va%2BNT5W4VRaBOXVJGX4IehuZNYvD%2FSjRZpbBxYzzL8I53YfUt03274g8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EEA6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 5A78 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
fb6aaa9d96949e95aba43b687b608cde8ee3d6c5cfadf80679559ea9a8ea64cf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/BuBgsZDskTBffwBxMBD8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:50 GMT
date
Tue, 26 Oct 2021 06:46:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-/BuBgsZDskTBffwBxMBD8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1A12 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 1646 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
3af44ecb8aad854c925aec777222c8117ec61e91715d1fc8c1f6544ab7420ca4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qtpXin4HUpmnBsG/dSX/vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:50 GMT
date
Tue, 26 Oct 2021 06:46:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qtpXin4HUpmnBsG/dSX/vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 06EE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 3503 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
af45e3a4cfd2c9518f149486d58092885a4a8a8ceb08677aa62c72f5dd0aeea1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mxi1ag0SJ1NsRomAIFr4BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:50 GMT
date
Tue, 26 Oct 2021 06:46:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-mxi1ag0SJ1NsRomAIFr4BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
rar
as.ad4m.at/ad/ Frame 7A5A 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d334847d698a31cf1ca32ba991bbe25728fcc6af095acb9aff484415d6416e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j5m9ym1x3bjx45yzskwjadqpwdynmz6n62fdv81jchs2q4ke4xnh567wzyvyjswvg568nay1jyymwxs72552yvqy2fkzec327ybc594ykr66ncvmnwa8gp65ff91y3ngs9a7w39kab82309tckx1b7yvm74y2y1pq2b9hdrdmb2yzswnkahjsta0jhnchfq6z888wmhv443rnzyz3q1h0azmfr9p3y756h12reg5bds35d8kv101xq05k5288twxfy7ap630bjj0f1k2eegsa8srkjs77vdn11hjvmzgj7x6f0vmm4kv09gj9ywg820avsgs33y4ew1a814gdrjk089pva5zsc3wwfsgmbwhzk982ncazdqr4dh0rk2pa4qf84g7qnw02ymxrz9n0352ndyadpb0h2fzg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bad3aafa426c-AMS
content-encoding
br
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 940B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 26 Oct 2021 06:43:19 GMT
expires
Wed, 26 Oct 2022 06:43:19 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame A35C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
29854d29bb5a458278a1ddb15b0e352b6e521376fddcd5621fdb0eddd0cbc9d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-48BxkkE9cbz9s4P9OhiFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sorrelma.com/
accept-encoding
gzip, deflate, br
cookie
NID=511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 26 Oct 2021 06:46:50 GMT
date
Tue, 26 Oct 2021 06:46:50 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-48BxkkE9cbz9s4P9OhiFZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame 0E3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=507165796166891&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rs
ad4m.at/ Frame 399D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bac1a6a9f31b61083384eef4862389aa2136172491e615d83cfbd5c679a02664

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bad3ef5539bd-CDG
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht4JtNhq96B47P5d71BL9C4abvJULrDbreEoTERSopSPGjwzomrS90vyre1KbRQYw98acjTWRWbuhnt9iWba95TsZ%2B9HP9oOQCuAK96Iee6rb7Mh8fmlqgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL4YGOX0RTfw2yOS2233Y8eiDmr05LR5VSC5mBlG5F76%2BeNdXnU84goHw5t2vfN1TUAOaukpHG9BRd3mlFRw1f0L5rz%2FbiIt5tP7x65r6eY67No6LYhL5Dc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bad3bede39bd-CDG
rs
ad4m.at/ Frame E82F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf400b2e4d5124b09f91e66e3df10ab0d6d89daeceb53d127204ed732e454164

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bad42f9239bd-CDG
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svTfkOVnVhZIOSITKA6uo8fplFLGjQKZloBi2hPI6kKc7mWfjp3V3dnjFGPRSCpeOUhAQSJ8aXbaZtIJ6mNiED736FJ5TF94A6tAg3PY60Ui9m1bFTIQfT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DytwgZtAum5EYPrwTsesr4UWcYP2FF48OSy2%2BdqJXxd3lObsR5iXaN7JkaCGPf31e%2BQKryllFPGIUwZzdXvXtw%2BQfIUY%2FXvE%2FmKw%2BtVCSE7DhUrfbOHj2Y8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bad3ef5139bd-CDG
rs
ad4m.at/ Frame 023B 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a6c1e57ec9947732b6b05c66c6c3022c33035cf299df4bfbcf86c412a3e6f95d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bad42f8c39bd-CDG
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrKh24bENkUVKDIkOVW6gqHth%2Bx7HJjZOMfjBnHlHWWOcDpsToYLVU52jDPwEZoCNKFU6xCMefZzelc1VKPD1RdZwiR3Wbhn%2B93g9tb61exnkNKryGvkuYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6nNig9Q29Amca7205y3Vi0Xpxix7gr%2BW9n71ViLn3LNBu78DfuJpjaDakkvxrzMseZY%2B1Z2mDqxZ3wcPTbm24nb7Spn0x9VnuqcbOVXHErAoWRLOD7wweE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bad3ef5439bd-CDG
pvClk.min.js
analytics.webgains.io/ Frame 8021 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.9 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via
1.1 3f52d342c56014599dee37446f6c9f2f.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 10:14:21 GMT
server
AmazonS3
age
4730
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 26 Oct 2021 05:28:01 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
51794
x-amz-cf-id
ERB5INGcyRXZw8b-ZX6nkWa6iaFeFFVIUzcrVnro6Y6aSQ1IXWQ8pg==
link.html
track.webgains.com/ Frame 8021 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid7AmGfqfzfGEAFrHXHgtAtr64fGT1Tr23tMoneid__asuidjz41e5Qser0clNu5wEq128axCXVkqvJ8asuid&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C22451%2C161178&b=Mm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3%2C8QjCDfM8F95bFgHJHEtxtXKQcPTwT1MUk%2C5reSXf4EsG7b3upH7HMt3t7YP8SETVTzeF1&f=64rFefw3feAxfeHmHYtECxVms2T1Tjga7%2CZQ4CwfRBF5MZamHDHDtDC6zPCVTXTDkhJ%2CpVEU1f8gfmgDkhkH4HmtJC5P2WHgTRT12UE&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=d89a6ab55e4a85a3ca8096530611bfdc%2F1348714417488852138&i=27720%2C25174%2C65236&j=21%2C16%2C52&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230809261&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g43jq021qg4efkjqtxfm4mf34farpc3mwgjvht5q00ayk3bx6cf9spyek37xzmzqgtrah731b37enn9eb9szazfgdqybhs0kxf3p8g3mx425qgxzf8pyxv6v4gzcm71xhewer4088gzgactjdr3hjhb3hwg4k3vrbzmzgz8bs4zknj7g9bp2zbarp5v3em24dwtj2nt9hahvn4wfxy8h3mppvabm9t8sxtrj762dfyjb8b4pkxsgp80d725nqmc1pwjqge4j5p4v5m75340%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCi5o6V6R3YaGtBvvDx_APpZmj-AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9B1WAVWMKEFiU_9yIDVrGeJojUro2cFwfe9TFJhOrBMa4yJAk1C0BepDXUMyXtF9bj2ybZhia24yMM28pZKh27XK64PYWA6cJ1qsYYAcX1Jz44LCJL5qWy8OWMGN7rRp1NlOA2fv7N7fvKXb4B-yJZGwPXMqhqPUhm0tElyKMfhkuvQf7obSqejsS8y-_KPoLoFXF3-CYdHEzvoWeE4o6ndcLmo7fITNDu7d-kAKFND7DUnJNFRUbZ2NIzsc4RydkfFsF70WB571_pIer9oBpZwLtq7N9czOtUgHEnD8p1M4uAEAYAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3qLhE91T6jO1DTaocp414ZZWv1Vw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Last-Modified
Tue, 26 Oct 2021 06:46:50 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
rar
as.ad4m.at/ad/ Frame 6F8E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ba1e6b3b9b25df5e12b16007e0108a6379830a89ddc34d51fb07539f4f752f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jn7rg7gz7jjj3cfz6v0vkdkfqg1kwp725zmz09dm04rx56my9dk67b96harexs2a3gge46525v0edax28a6wtnfnftte0zp390dgs763gvymg9zvbq9c957snwq9x526n5hr5zxjptb85zs2h3y4re4xm78cjd9eztwk92fa76szzn2dkwpraffdnqn4twhjyvrba3y5c64sae6x6e3ttz05p0eks5pcyff2zkamqeeh4he8zadyk1xes93bgt3ggy84zp2ywm1b22fj0e855sth65z8bbbbzbnd44xpn7095983vza626bkgznchj4vzpfecsjz4srv9zy2vj98j315baanaemvgfka4e03yv50bj2rtq9cpwqhvp6ddmd7mcdpnzs0tt60jbdfkvv8txmvbdwn78vz0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bad48ca3426c-AMS
content-encoding
br
rar
as.ad4m.at/ad/ Frame 3FC2 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab4f7fcb8d9e8c057d616c140dc3b17a7756ed7b81b45964bdfa130528cbb21
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hm873ehmnkxt6z4t2y7x7am172psh6e990ywjh17yqdxq3hx9jd8f4tb1vbj6wmsq4m3mcp361f5e361s4bg37emhb0cmndp041rc7fh37r8txk0kgjx893z6q27q5nj9agp9fzhs9a0breehw2k102wvx4vme7zvnvechzw7cm0cs8b817e3eb9azqrgqch7xk0jjq0671d07f5avdr07ntxq3agpddj66gbxz4scja1tm01rk66xg7j276ddd412s75nm6st9cxgqg32rs8fn4xz3t2y1pcqqwvh1csrcqmhxmkc5zz1wgfcnjbzfsencpvexen616es3599vjz2rme418v02cqj0rka1c57ctb62n7n3mag9c5hh7cr17w2sbkckwm1g14bs51vt3cdc8kcnp2c0b0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bad4bce6426c-AMS
content-encoding
br
rar
as.ad4m.at/ad/ Frame 4428 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a57a2203ae6e56c9e05e91ecfdebf81975c949687ddc6ea51f143c573b7f3d1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hqftp2acb8gwzezcm6gfqk1w8kgvn39eaetq9sr3twdsx89b1kb2aw62cqggyz8z6gxh2czdmjb1h033heh9wt169bdxvfaztsx3vkm3dcysg1rhat0pzd30e5y40ss1nr1gsdnp03zntsc7vda7r1jmef43h5zbbvrfk5jd9ngczz6cxhe0dy4h9gf5g5b5v79es3veg1qtyejmjwhjmv031hdynvsrktqjr2pk25xbpa9yf2zceyc8jsd4nrkeg5yrrh6pehp3qw1fa4hz8s5gfydd9xa9ypj59bwv1cmhcaz7wwckjkjaange7hehc8rva4s8p3nft88mtq4qhm9hp5whdgvax5skj8rsr24g21ak34nhbxvw1h61krgaywvx8kdv0y3yz5rmk1f8hp26f0en338c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bad4cd10426c-AMS
content-encoding
br
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame D47C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5A78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=3264558835570243&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1646 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=556060901943839&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3503 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2143231000418624&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 7A5A 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411084
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bad53df4426c-AMS
cf-bgj
minify
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 7A5A 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475569
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycduCLUo5Ug5XptA6NCTleQ9WDHkZACPZXFKrlA4VFUxTBTL9bJITvqzh0lOEhcBL8k8FROjw_pzmrbngRQFqgQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EowQltLgu9g4C%2F%2ByPciKehN8CW7GGYzXjLIE4xlQq99jpSJqkGq7M%2FdQe7WX%2FwcPY%2FQndN6f5kCfzDDFpdSdEssjWUY9g1ZyBBJ6PW7Q1fo71YsF8wqqx%2FQO9HdoC37"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
6a41bad53df7426c-AMS
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 7A5A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481156
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ADPycdsUS7UGAGWeo6W4aXU9Ba01E1RUSzdqn-PVWR2NgUrrk9mfj4cAMUKJRoJnkUG8I0nTWobg0CT8O1h7z-HN6tU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1598
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7L%2BRCFgQ8rubFIChS910t4hbFdjb%2F62XtpAMQ8UuOMivsngDLOZc4LRh5navvgv3K%2BPJtH1XI1C1LqpGMElSV437ziOlgdGPbE9RbHucrHTT22%2Fj11BVRsJMpjp5sWE"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
6a41bad53dff426c-AMS
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 7A5A 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 7A5A 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481194
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdvtWP6q6x58A87qEAkbzPQBtotKK64bo5zyar3W5_wvrByhhBFqYFjXpprZptw31f-zRHOTlrQ3IcuTacPM0bSRPUtLVQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oByAz6Ebb2fHRhgyCFTo%2FsNVOsZEjY61UKVxIpi%2Fe9Dyfixi63B7AjuJEgqGrU8A%2B8SbYPywqgZBl3y9kAwdp%2B8lemNhTq62hApy0yKohzAHyA2%2BS4HrVgPJPb3kdJdf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
6a41bad53e01426c-AMS
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 7A5A 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
522704
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UxxYjv3YXTI3VSQfxYgQiyxu0V-Tuh2QiAbz4myGAqOeRCW_Mfa11RLYifIpQY5AqDVMF9HJ2vY8oo6L-yJ1B3lWvGYyQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
85737
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKGxppiXjWYCQsM%2F0WybHun8FybRJsFsRfAdvNDL%2Bj5%2BdaPJeloRRE56bJ%2BMO%2Bh2mCmAHzdyrHBhoAgBJ3xaNXFAnVeqot1%2FT4HTjPdTFRlgWxvTNph89pUhrvX1QSZv"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
6a41bad53e02426c-AMS
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 7A5A 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1602456
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycduE4kw57FRczPzc41nU68uVFYl3T-B9ZnlwtwFgcac-lb3gJCvfhVPQP0pvGYUnXKm81fY4ihWjp8YHDc4b2ZY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMrZiRERHTdUp3BOxRPu6EEjXiY4%2Bhm4nH6admIcSyaen1ol60x6hFjCzTmRBv%2Bf69PTBdo%2BWMQbIJGDU9PM9zywz5b0WWjkpqeXQShBy898VBTQTiK6mrOFwyQocPe5"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
6a41bad53e04426c-AMS
cf-bgj
imgq:85,h2pri
F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 7A5A 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1608392
cf-polished
qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid
ADPycduwzg-5pxkDuQnwzcwHHsLizGF1BrtcrMGk77V16IcjgtfqG0m43Z4evydKpz4mPlSmTSrfHV7Ha0RIsyNHjsc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35504
last-modified
Wed, 19 Feb 2020 17:37:15 GMT
server
cloudflare
etag
"9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QYB2d8e%2B5BMWo8FKwzlKNsEKabfg2SYrn8AZb0njBRqbmGPkh6X236UAe9xW5QcNwfnsEOhT7VCiNJZl2Xgz1%2FS3fT2yHcu96m3i0x4ADfkx5qVmOfjMvKdH%2BM%2F8Wme"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1582133835673152
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
40264
accept-ranges
bytes
cf-ray
6a41bad53e07426c-AMS
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 7A5A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJ6i1Ly95_MCFc5R4AodA1cCGw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f6d1610-3628-11ec-8a48-2265030db828
0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f6d1610-3628-11ec-8a48-2265030db828
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.139.77 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0

Redirect headers

Date
Tue, 26 Oct 2021 06:46:50 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1635230810_7f6d1610-3628-11ec-8a48-2265030db828
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
rs
ad4m.at/ Frame C5C2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
bf860778f7876ce450231b501e81dda7cda2d16a7eab83b4cc90e954673c60e8

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bad579d239bd-CDG
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2OOdMf9H9GqyymQtXqjCOi%2FHTFLq4Ov%2BAuZksESHxYcSZw9LwjNidVfejkb%2FEsAgc%2By7pamea3hgd%2BhgrRLbFtyEj02fJ3TlitXGPmyvEEQzWMru1MfXaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmuNwaRszrqCFFVtzJPB7gVsEsA6A1paDWV4lsLYQlPHiZM87u9fHzsb7qXPgEr1HfvYO0dO1Ypz0cDdhQ9DQmbOuDwIKICmkPLIKgxA3XnA%2Bh1xoKN088w%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bad5497039bd-CDG
rs
ad4m.at/ Frame 8B01 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf83238e7fd632f6815dd0d6c1c45c5f14058b65a7ba59f16971c6e9acb64a3

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bad579d439bd-CDG
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSMYoQNIiXhC8Ij9exwYpMrkp7ThmDsbHkUMzJiuFxyn2AsOxFDelYcJJCxLUAJh%2Bx2%2BG4ESZLmdKrd3Mqi2D6K3gUU%2BAGRAOljudh4y9w2ZRky9KK4xTG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsUHgMJMpPIyILDYGzXmDSRW5I%2FMv%2Bz6u7R7FpL%2F13yqS9mApBstK4pdI2Gec8%2BtAi5W%2BnkVQXzRbSIfBuCmtK%2FX%2FgioGZtbcV8UQt72UPh7x2jqKIUYRFc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bad5497339bd-CDG
rs
ad4m.at/ Frame 51BA 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4bcbfd05dd5bd99c264d4167f55cd4f4f3ebfd999d458a93a93562123c59a927

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6a41bad59a0739bd-CDG
date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33l3OKj3bKxCDijfjqhFxZ55iBZ12CV7zSWt6eBOLvUK6jSP3f3VmazBFKPK5vboM8cxptnTLbBEJxtG%2B5hA6rhltwsx0wRoRcOGptFL16CnrtWs7v2Cr38%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-d4ff
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Server
172.67.74.129 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-d4ff
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71ZwYT5%2BiQsBKgRA%2FROFCiiBTwOsKbfOhQYlWASFsIAB0spr4Udm4uLrwDwscm1tM%2Fu0ijnwti3NwQwQmZDBds9J5Ez5JUoJ%2BerIoCGpDrYGUtE58v8WRjo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a41bad5497439bd-CDG
sodar
pagead2.googlesyndication.com/pagead/ Frame A35C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=3528714001232785&rc=
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame EEA6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 1A12 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
link.html
track.webgains.com/ Frame 7A5A 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fponeid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&viewref=oneidr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhdoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=ba99126be4914b17acba8c1d89474ba5%2F3762291456428057855&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810089&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gdx17axgx2dhh5ya87rq621qc0a94t3fwe26tdchdyzg7n8mpxrjymwarpj6ewb0d8dxpzdppxeqnnf6w9j0k7851dstpwppgvta0q5rfc6yktvz8m1dwf27fyzmx4v3jhmb26y5wr3ar82crrekk6qqrtk5tr8fy5h6y840jc1dq3t8mtp51sx6378rsypgqbanybezy17thmeck107gnb0zdghxwkhn18w379bakmspxqey2hcdaen800644egj909b3qsb0k4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLpUHV6R3YcLMJ4Xs3wPu14DYDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0HS11wmFTCEH97mhwz_8pqPOrwkgQHsTB-HnfuFXJWFUDdDx3Jeiyi489exwdPu6TEbl-wFAcRU97b-qi48YKvGUp5UU16QfGQIbQft-2gFqQOgttmfbmeFVdQts5cgUIjOxAWqUA8lIHscjlrJUnSScOIGfYw9JEl0k2Md3o5645d9izzAG1GXZrO_l9UPvglGfeMm-Y0OwwN36J_NGKwhR-bHNHX7BcIo8M8sRUAZvT6iyiNpqGhkiksx0zyLV9zprs5-fWATckwhmAZk8MnFqEyexk2Da2CmEPXQ_m-5c4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0VYrbAObWDTg7WgVU3WaTLSL5BSw%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Last-Modified
Tue, 26 Oct 2021 06:46:50 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1390
Expires
Mon, 26 Jul 1997 05:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 6F8E 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411084
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bad5ff28426c-AMS
cf-bgj
minify
D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
assets.ad4m.at/logo/ Frame 6F8E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D54F5BF8250014B560DDA5528F9EFEFB9AD1D25B1E300CF26DFD2216A03F59C60D5DB96B13EDCD12B59FEC4E8E1B8D03E4412DEC334D0CAAD669E250C70E8914
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=zQSWoA==, md5=JshO+ccZ9c9hWnmahmfS4A==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475342
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdu4E7GhIqiinz8O7RvQ1LQeGCHbl_M4kVGNwyzXKL3RJWDb50FEmS0VEVEZ8TuyzSR7Oglb3u05taTYMctIYhI
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6390
last-modified
Wed, 18 Aug 2021 10:34:33 GMT
server
cloudflare
etag
"26c84ef9c719f5cf615a799a8667d2e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5h2wV7cnGveuAxWc%2BYo0BFuSR5mcoONnCNLbl836d5hX9G1sLw8UhSf6oXvXDtvhMWccxI43vJSPc5xs%2B56GUgTsXg4y8NV4wiXk6dPn8dr%2B%2Fmew5lX%2Fs3doNyAlajJf"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1629282873725600
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6a41bad5ff2b426c-AMS
cf-bgj
imgq:85,h2pri
8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
assets.ad4m.at/product_image/ Frame 6F8E 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8F6DB649B36119992977635B7DFC1AEC8038789E2BA57D893E4D16BD92088067D7790231E30A7BA7222FA8CB262652272D022B0227B6C5782927768B42292C97
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=nSkqBw==, md5=bZJ3Zgn8rj01Yns5h/mx5Q==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
754840
cf-polished
qual=85, origFmt=jpeg, origSize=82379
x-guploader-uploadid
ADPycdveeIOPzUC9IR7cumHOj7FCZRC8bmSjifAygs48Cw2_kOPfsaZZSZZxXHKTigz1j75xAq0Wvk46jEOZ4oap1aPa8Ffkbg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28448
last-modified
Tue, 03 Aug 2021 12:47:14 GMT
server
cloudflare
etag
"6d92776609fcae3d35627b3987f9b1e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2o0hKXjbbJYLBg%2B6e91JZRFSd4SlBTnRWlMXsocddUNJPAwQ%2B6SLFiyicTZQeFqMH4IBtQJz9twdTrTlqdFwf%2Fty0bzW%2FW%2FGHAhC11TmrwRx15IpfZTxqfZ0x%2FPMaqq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1627994834652806
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
82379
accept-ranges
bytes
cf-ray
6a41bad5ff2d426c-AMS
cf-bgj
imgq:85,h2pri
tsv
neso.r.niwepa.com/ts/i5542019/ Frame 6F8E 		43 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neso.r.niwepa.com/ts/i5542019/tsv?amc=adnetworks.blbn.455799.471580.CRTJDe7y2sn&smc1=oneidzmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFWoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
35.187.117.15 -, , ASN (),
Reverse DNS
Software
nginx/1.13.9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
last-modified
Tue, 26 Oct 2021 06:46:50 GMT
server
nginx/1.13.9
p3p
policyref="/w3c/p3p.xml", CP="NOI CUR OUR STP"
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-type
image/gif
content-length
43
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 6F8E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1608350
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdviOajA2mjKHfh0ORiZtJ_9HkO5WOHfazLnprg646eD8pU4zxzoWd5RM7etz7LE3Vr4LwRHtewkRD5uigMqxvZl7rx3Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOsLG3vaeB1KpYXAFcXAImpT%2BGp3uPznEGrERMWe5lk6FwkRvK38Y4NznRxfhcv0ZhX7IcjANHUt61Dm43%2FroevcXwn7zdzPXY9l%2F23SldK8Coj7fEBlrCl%2FX2MlKPgl"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6a41bad5ff31426c-AMS
cf-bgj
imgq:85,h2pri
109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
assets.ad4m.at/product_image/ Frame 6F8E 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/109EE3CB1BE1B04C85A5224FE47F7D1E6FD7C4CC910F5788D57230F6604B337EE8DFD5BDB0744F893DBC4BBF672B71FDD0A7B81C19E57D2AE8FA59F3BBFD7681
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=HwscaQ==, md5=QEKMkuOfQyYKQIg2TmID3Q==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
589187
cf-polished
qual=85, origFmt=jpeg, origSize=109711
x-guploader-uploadid
ADPycds3qYytU_5BcyTD_XUQwbtrP_TIQPRHERchOSPvIcUCU67EMZajSi6YTGS5mAIQf7IocREortrE-aXgUcQrkzQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20822
last-modified
Tue, 19 Oct 2021 11:01:17 GMT
server
cloudflare
etag
"40428c92e39f43260a4088364e6203dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fp%2By0H3c%2BVZVJN3ui1sBLu%2BeqxU%2F0jvn9sQkzEcDC1L9sCIK%2FpwFyaruNsDctSHB3G5pnnkIn%2BNH9LPBIpcTgkuY8QW%2BR%2BD7Z%2BrPwvWxNysCha3aBGx8zA9pPnnR%2FPyR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634641277633965
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
109711
accept-ranges
bytes
cf-ray
6a41bad5ff32426c-AMS
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 6F8E
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneid8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneid8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021102608465057693622797X117663V1225131106MSoneid8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tkoneid__asuidaRk-xK3z...
0
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 6F8E 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475636
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdu75l7cXdWOmsa80kMOA4JZpZYt_g-gtubu3IqX8yxDRm7I04eV-XThPXq83N4b0wQorZkqbzmmMLsczwDfIQoZ-Vpk3A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vrbEUagwqahrTe0A7RWHFGCAxALu6B0hKoUH7Q3mBiVGv27WcSJbDdYYPA9ApQdkB7MPA48HuL63uyp679%2FckNNBNjT7vlUtLCIaWyAUzQnEehK7kB9GAarFSvIqqvR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6a41bad5ff35426c-AMS
cf-bgj
imgq:85,h2pri
26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
assets.ad4m.at/product_image/ Frame 6F8E 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/26828D6A2B7AB8CBF0BD7B12A4C4174B36788EB53D97F67629064D2A25EF1C665B2713B39242B63E13EAC36EB9351683292AFEA0E72E0EB1131F26ACCAD28AC2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=161178%2C161594%2C19877&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2C8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tk%2C7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuM&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CZxJfwfBfRe2wcmHDHDtDCJJwHVTXTx3qaJ%2CEjeTDfEf8ZEHzHAHjt6C441HqTVTZAGT7&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=104638558f937b4f5a44d1f44c611db3%2F11647827269618735568&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810246&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jwxa19y76bcv7dpbcgs9qtanvgw8g4jnsdaymzw999p3ryg8qvs3y9968hgvzbmntz2xgxdcdhq58sca2861mcjcfk3d239ns2q485sym3djk5s1bh2y28cbxb46mbnzk5amq46z0sm73s2ey6hxsgzvechvysdh3h4v13r0vbxhrr971f10hq5d02b6q5rsge7rvtthftqc6hptw4hz1zf2t96cpd4a1gya41m84gtxc899nc8jz8d3j9zax70hfc68jjfcps9r%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCDHAxV6R3YZqUNom-3gPY6qH4BJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQIywPOHj3azPuACAKgDAaoE4gFP0IV3XMhgxCh6Hs6UAP1qhW7tos_WTnlo7cQHM9pkhP2yjHgAHqTjdGbJWrWZK2HFjkZIT3XHw1TQfyC6nEEvtSVojQdYCvDlCBbUWu6Gx46ewOkOv9lrH1etrfanLGYx-jQvCB9C3_MqZ3NR5MSG77fwMV8CpqmilHe07cEezWy9jiCWYgjkYXnWeWGJtKd003WFZbzYIyP3E9pn0SiANIaAs4nb1P94B_jmCGR2C6IzQ_KuctTChBETwPHvtwDEyOyaSegV831Sr9GF2kNDJigTUpCIx7SYUWEMVYUQ1vlJ4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_05tKYXjszMqXYthtSnjQCnfX8N2g%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=UIcfng==, md5=WdNWx4gdrvbwTy1Z36jlTw==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
473716
cf-polished
qual=85, origFmt=jpeg, origSize=80186
x-guploader-uploadid
ADPycdtwb8efxTmqfSG7nTrLIB9WCtsMWh4mKjuP3qbDkpGQNkzcvyNmGhMmQKWjpVC19kxznMQkxNh_blbbvOv6t_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31900
last-modified
Wed, 10 Feb 2021 09:05:09 GMT
server
cloudflare
etag
"59d356c7881daef6f04f2d59dfa8e54f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZQws%2Fkn0DqVMKMdOPmAq6k9FZSs62cf4D0UrcFYiQLsWE7DcHCv4YCg%2FrcbbR4pLHvHMlKUbpkVx%2FRnwsTB3PEAVgg78STvXqX2HmKpDLldPmivKlq3frllu859j4A9"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612947909004757
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
80186
accept-ranges
bytes
cf-ray
6a41bad5ff36426c-AMS
cf-bgj
imgq:85,h2pri
/
partner.o2online.de/a/ Frame 6F8E
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021102608465057693622795X117679V1226132702MSoneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3...
0
0
rar
as.ad4m.at/ad/ Frame DD2F 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=56666%2C765%2C19840&b=9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2Td%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAGT7%2Cm3AsefGfARbfmHZHZtzt6rQtDTwTX8AfA&f=13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7MjfA%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQT9%2C7QZTqfzf16VCrHXHgtECkZ5SGT1Tr9ZuM&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=2239bd0826168675d51c52c5466b5264%2F9327653644529426845&i=22427%2C1676%2C22610&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810491&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kt1y4jt0nvh2jf6yr97v6f7j67xxjkx7dqa0a57be6eag1xwgcaxg3d5cegvf8c5kmew4s2jt7c3cg1wznb2n7atf6332yx50p12zxgwzaz6n707arzkvjyjaekdkqjxxk9f2hwmsqmgea6qkdzb0vzc4hqtw2yccnkvnrc5sg7sztdwmj9v1zvfdbdfq9rf8ck1hpx33es8y5va82d15wk11h1ec4qzaemrtpd2dbhkgpdqcvjqq4sck59m8bqehj98vxqke4g4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=56666%2C765%2C19840&b=9jeTMfmf11YBaKHBH2t7tG5zSwTmTZY2Td%2CEjeTDfEfgVhzHAHjt4tq6daqTVTZAGT7%2Cm3AsefGfARbfmHZHZtzt6rQtDTwTX8AfA&f=13ZsbfKfDDY2U9HdH9tpC6M4uRTKT7MjfA%2CADeFYfqfBRuAHRH4tMCeYbC7T4TDVQT9%2C7QZTqfzf16VCrHXHgtECkZ5SGT1Tr9ZuM&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=2239bd0826168675d51c52c5466b5264%2F9327653644529426845&i=22427%2C1676%2C22610&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810491&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kt1y4jt0nvh2jf6yr97v6f7j67xxjkx7dqa0a57be6eag1xwgcaxg3d5cegvf8c5kmew4s2jt7c3cg1wznb2n7atf6332yx50p12zxgwzaz6n707arzkvjyjaekdkqjxxk9f2hwmsqmgea6qkdzb0vzc4hqtw2yccnkvnrc5sg7sztdwmj9v1zvfdbdfq9rf8ck1hpx33es8y5va82d15wk11h1ec4qzaemrtpd2dbhkgpdqcvjqq4sck59m8bqehj98vxqke4g4%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kdwra9x5629yc226qgk405v86qkhm2bvz3t6ezrba1ew160ecy0ws9w18tfg4k762yvxk19kev0zg83y77y3pj7c20mp3vharynxxz0bqqk4b5gnttv867q2j4qzbmq823hpdcm7rngnjsqjj4x73dyx3be9avfr6v5wq8c7br5nrgxw4s14j1azrha8j28ynr1v2pahme1zvsnvygd5dsj7789dk8a7xxsbcjsfhha9ved4zv7bzkykqypf2zsh5me68ptxdjw2bajxm5jk6k9bdaztygprb7800b34bthqhr75p3nmypyq5wx7egj1p85cd6dwdcnpkg47xpe50cxem5sxzpr75912qykxar6wmgtnv6k8jqqn34spz2bb5cmedq2a0vyz9d8xzr7bghe2j0s0z5hmg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYAUnWKR3YYuIFqGFlQfc4q0YkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzI4MjU0NzExNDgwMDM0N6ABwq7o3QPIAQmpAsWfM4y3d7M-4AIAqAMBqgTiAU_QXyKKtpim_oOgmQ6LJcy9BIepAAcSLpcsgm61B3o8bamw0BrUC6aBusRqWEO66gMtsAu8KMVRr4TOkHASkEnOLXjIHDJlgpwooTV8LLF5wGtnfPKUETuWyH2QWLkSzh9ccd0F_yPeUEKa2u0qLm1fMAvN59tN_51JTNpn6GWX7r7LnH3O7UoZl5CwtgD-zaHXgQu0jD4wlXNZi2s-T-Q1BpBovBkO3ouGRbAuT7yhWvllv9ffkWKAfuzRZPMTLfb7_8UZRmPVWZnCctwUfOZlQKwD52iqoQ5ejFMrZ_o4uAngBAGABvG6vsHMg5-1_AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tMTE3Nzg0MzYxNzcwMDU4OPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Sxl_WqCWT4-KzPG1DCvRWvt-YXQ%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bad5ff3a426c-AMS
content-encoding
br
rar
as.ad4m.at/ad/ Frame 578C 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=af13e495a88df0eea36838b00d59c3bf%2F17593796819662339678&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810494&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k3hy1bg3yrjrf59v3n8kz5d710z9pnqtfe1dfgnaspy0bekczmc1wfem53gs24x3e4csgk0y3n2hsq2bywbrf1y5bmaxas0bvdegtc8k4bmswcx1xsz8gxwhz0rr9dtsyc1gznys9vcwy932h5t8b71tmsxj0kv1e17wt27nbzcegqnnz9g8ee9spjyeyvw29bfmzp5cxemh9x864k4xjapq5kd3vz3s50gevctm2xvq60fh8x9nq1ww78d1bnat9r8ntzjcc4xr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C24673%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8Ja1%2Cr2GcQf9fd3jTAH7HjtqtBwxu5T8TKxdhd%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJs7&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8rFV%2CPxefBfbfRbzh9HjHbtgCPzEHZT9TPM7Fp%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKPfJ&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=af13e495a88df0eea36838b00d59c3bf%2F17593796819662339678&i=25007%2C20430%2C25174&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810494&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1k3hy1bg3yrjrf59v3n8kz5d710z9pnqtfe1dfgnaspy0bekczmc1wfem53gs24x3e4csgk0y3n2hsq2bywbrf1y5bmaxas0bvdegtc8k4bmswcx1xsz8gxwhz0rr9dtsyc1gznys9vcwy932h5t8b71tmsxj0kv1e17wt27nbzcegqnnz9g8ee9spjyeyvw29bfmzp5cxemh9x864k4xjapq5kd3vz3s50gevctm2xvq60fh8x9nq1ww78d1bnat9r8ntzjcc4xr%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jac426eaq86yk5w1xvax0jhx0g80f05zbfexbzr4vrq9ze74zcqdj9ff0edq455qpnmdb3tvtgwk747mgqph0k6zzqxmqj8r3yztxze8f314tyq7k3qnbj4p08cpveb3jynbmccphdq0f6x9hdy3dhhn37cx7wbcexrb05k9bs3yf5v2sbmebgytqx838kg6gg32hra1sz8ef99c6zzkmdjzgb6xmb096vbf15wxjp5z453fv11pr3kjvqc5367qvzrmv2y0e3g1zcpgf834b9qsma2jhfz86p9myb1x78mp1yffpw2hyygt15m25ghr2wvn2t1p06gb338sgz7n98hv5e0ca81z79qfxe7vnq9c47yq9w82hxhffx9nvg36852p9q2ntwb7pe0335vmrzq6kaw8zfnjg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_QO9WKR3YYuQGYyR7_UPht2HkA-Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCgkGuhSN3sz7gAgCoAwGqBOIBT9CVR2Wl4jnJqGPei1j9HwWXi8ivbeIJtkFLR_rkepO7ixFhzSv_9ENpb3owRHfcFzounA3cvbMWkGTvcaRw0zGMo8PgC3b9JF7pZMnda3oDNVu4CRhLZ8QjiRONG5XfkWCwM4i7CcjQSFkVtAovm4xMh-Xn9N3QNKWi5ZQ15E4sGN4JYDtnu3ZTH0b_0mpfKaBg7NED7RhEWtJjhT97LaZooqygb3aVnZj697qT2KBY825lErIlKKd3KLijWiKt3MzP-2pHxnDdDYBelDPIlHs_ZVmNnB5EYIeGPoOLZr65m-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0N4Q_l61RmBjzPIfeIbON5xTwMEQ%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bad60f3e426c-AMS
content-encoding
br
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 06EE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
rar
as.ad4m.at/ad/ Frame B117 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=161178%2C37798%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=663fe86585a1b99aa877f767806f4e2a%2F11435454982926394521&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810508&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h7mnxe3gt4bt6ze26zww85apdtz01a3tnbavfyevaynywjrdpb6r1e4vdktgdxd52fennhrzz1wrang0jnpr48t3bwtepeh3mj1zc4zhpkrs5qk3gpjdq1skzc001ka4rby3wejyga5hwsgkw5aa3jvz6e0xd8n27dqcd0jzdmbqq9bhvkjgn8594d1p7q7vad5hs41ar2f1ba4mb1x5m99gn31bf5f9hc338y0tccak0380nj7rzr1vcaavnfpc2970dd0tvnzy%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=161178%2C37798%2C157265&b=zmrcRfYfkMQACpHBHMtqtPVedCJTwTgBqFW%2CADeFYfqf5Y5CAHRH4tktMMGs7T4TDVQT9%2C9jeTMfmfVzWgCKHBH2t7trr9UwTmTZY2Td&f=8RZUDf8fez45TgHJHEtqCeA7gCPTwT8J9Tk%2CMxefzfrfqgqsWHEHGtQC661t9T4Tb6ku3%2C13ZsbfKf6A9kC9HdH9tpC22rhRTKT7MjfA&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=663fe86585a1b99aa877f767806f4e2a%2F11435454982926394521&i=65236%2C20773%2C20774&j=52%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810508&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h7mnxe3gt4bt6ze26zww85apdtz01a3tnbavfyevaynywjrdpb6r1e4vdktgdxd52fennhrzz1wrang0jnpr48t3bwtepeh3mj1zc4zhpkrs5qk3gpjdq1skzc001ka4rby3wejyga5hwsgkw5aa3jvz6e0xd8n27dqcd0jzdmbqq9bhvkjgn8594d1p7q7vad5hs41ar2f1ba4mb1x5m99gn31bf5f9hc338y0tccak0380nj7rzr1vcaavnfpc2970dd0tvnzy%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j9zk28smej82epga63ktbq1xasrszc8pq6mmtpdxxfa86wba1c9dny6a52k8v70kk4ar9f2ffgm9n41v6vjvn9w83wfdcyw5nf0gf9671r4dyjzkb4eft2cs7xxnw6kej4ezp64g74877berv338gt62qsz7waaay6w34tp2pydw2pqd97cdct6j72v10gtanc73ecw25d319gy016xvdav3r46e121v1fm2z5m2twnd4dthvftgv48w1yfwtsm9fgre6v2e6mv7msnzkwrfjk58ws6tbntw1nv78fn44gg6ym0b4aj32drhp7am8nywrtzrswpp137xbgresf4pqwx6q9rmm46ww2eaqyencm6nwdtsbtvjsj2szx74ed2thvsbxr5cv7pw5earzzgy2k3gcdwf41dv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNUMxWKR3YeHkHdiW9u8PqoGZwASQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjgyNTQ3MTE0ODAwMzQ3oAHCrujdA8gBCakCMsDzh492sz7gAgCoAwGqBOIBT9Ck09OkcBjF_sbHRdmr0AB1GcFDy-P-Ujwz1mmDuUpIidl85aF3B2-JO2c5YD64op8ukXHm9PTNxDgid7wfpd7z8bsCL-OLc6nG-QBjHpEMsymKIs-ifjZxdqJp31einvLEP0CDqcPboreyANZqW5BFMixIzncpWTuAJ5t44_EdI6Oulnn3TOd7RmKM4_c17s3cTVAJCenq0ff8-fmuWhRACyHzQzT8zLv68v9WSZceoMtXuwCghH-uvD28QWLEiV4IObNk4VWojiYa4tYqWCKkwOodaHHcAnK_548kQL0SGOAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMTc3ODQzNjE3NzAwNTg4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0RAIrtzkQuqd0ubr5z3zDXAD9KzA%26client%3Dca-pub-3282547114800347%26adurl%3D

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a41bad60f54426c-AMS
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 3FC2 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411084
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bad63fb9426c-AMS
cf-bgj
minify
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 3FC2 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2285650
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ADPycdtaPLhXvvlICSmMWj_6M80hoC7YDlUBZ1QkvXfgwTsRAbArQ-TXo4Kr0CH1esuPNozOWqE-Lzn-rRxBu4nc2xc1aamQng
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39202
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cICifP8%2BkfFbEYF%2BzcwmruAwblPHQXOf6ieSfickXlzeOwzco7bt1yFzfnB9ckvLWDLiGw5eDZupUSCdfOzV%2FoHtFfKI8FflX%2FLb9O3OcPpv9s5%2BrDpMMrPQiDRTxkVD"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6a41bad63fc5426c-AMS
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 3FC2 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1602640
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ADPycdtzuNE1_8YAZwoiuhBD8k1uLboMGa_-yLYhLFHz83YVMKvEqYZmq88FOBtO0ydQBRj28DJ5_mG03_m0OQwlI34
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
115268
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQT6UyGEMEHd7jagc1cwgLyBy%2FytB63sdbBAqutusp%2BEq2tw4OLsp8IT%2F4N1N4gGqFd27eJ0nQ6jkLplbeaQqE88KPkqcSr51zSFwyIxJYKRWn5hUrKpQMkLYJrdpzVA"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6a41bad63fc8426c-AMS
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 3FC2 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
assets.ad4m.at/product_image/ Frame 3FC2 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BC76DD0E919620099EE85B1BDE4022C4E2E111558142CE52A7FEF9001FC27649B8883EE48F8FD78E42741673890C9FCB712B21CE460E771077051351A3574B7A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=XpYYSQ==, md5=hUTvKH3ITIHGC57UiHB42A==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475300
cf-polished
qual=85, origFmt=jpeg, origSize=91728
x-guploader-uploadid
ADPycdsY15j5kuqpwTN_UNNQqQX7uq_7iDDVQBVpHyH-s_fIVotmvqYZ_0rbeYiBJ2N0i8h_9FRdkz6qxzMwFj5HJf4VEPpvZg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33156
last-modified
Wed, 25 Mar 2020 13:46:38 GMT
server
cloudflare
etag
"8544ef287dc84c81c60b9ed4887078d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfHRvp3wiCB%2B7L8OHWbtgktJ6UiSzTkTUwndmIF%2FCyytXGnycC3EKRw4n9U663%2FUyk28XMxb8lgmCo9VdETGrAlGk8EEmHMjm7npYPzBocrHzQ5bbJWTNb4ApaH3%2BUhP"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1585143998277875
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
91728
accept-ranges
bytes
cf-ray
6a41bad63fca426c-AMS
cf-bgj
imgq:85,h2pri
63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 3FC2 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=6d5z5w==, md5=vnImUageZAe9/YM5SlniMg==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
482743
cf-polished
origFmt=png, origSize=15890
x-guploader-uploadid
ADPycduPnZIvSz-8NTPW0F_KV2Yr0-k7j9_BCn4t9mbRyR_bn4y5c3oM-SPPYqprlfYdOVE4w9FmVRtq6kUyd7oGodc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6208
last-modified
Thu, 16 Jul 2020 06:05:30 GMT
server
cloudflare
etag
"be722651a81e6407bdfd83394a59e232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNHIpM9Yk2jxKdWIR72PnfGoDHYc75WqzLsVW%2B2BH2JMa4r8jjIjFRtESOSyhk1ftALTso8o%2BtWKhDycOXNQylRNHIh1w8pwupVTz2T%2Bqnj2DX%2FPUOcFX%2BH3WMw4JfVW"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1594879530502671
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
15890
accept-ranges
bytes
cf-ray
6a41bad63fcc426c-AMS
cf-bgj
imgq:85,h2pri
1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 3FC2 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=z6IwRA==, md5=1A70ndCinKDnYB0bQF1NeA==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
478801
cf-polished
qual=85, origFmt=jpeg, origSize=25987
x-guploader-uploadid
ADPycdv2FiEZa5df23PCJeHzt_wOkUQ3Vu_O7IbUJd2nixjxHL-qzmYXtIz-15ZYZNjNA4NSPbTjKgW-hZc7kRkVqCc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8886
last-modified
Thu, 17 Dec 2020 12:29:34 GMT
server
cloudflare
etag
"d40ef49dd0a29ca0e7601d1b405d4d78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2Bqe%2FNWpMpUWWyXc3LT6zn0FHMVIZNGpWj2dEX8OXW9TgQk6256JUtWPzDqhW7Nk325xjJAtTe6m8h1b3YAMDpBmto7Rd%2Fegj4qY%2B%2BHctGPXhnnSAqz1O0q3pHnrXn%2Fg"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1608208174589657
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
25987
accept-ranges
bytes
cf-ray
6a41bad63fcf426c-AMS
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 3FC2 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneidZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
/
www.autohaus-koenig.de/htlp/ Frame 7C81
Redirect Chain
  • https://campaign.mobility-ads.de/highTrafficUrl/1.html?idPartner=39&idCampaignAd=0&subId=&subIdentifier=oneid9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Tdoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_...
  • https://www.autohaus-koenig.de/htlp?coyotetrackingid=386115884
  • https://www.autohaus-koenig.de/htlp/?coyotetrackingid=386115884
531 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=386115884
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C22472%2C64769&b=e7RC3fVfYpcjHZHet1tbrzUjTQTx8Ja1%2C9jeTMfmfAgXuKHBH2t7tJwPTwTmTZY2Td%2CZxJfwfBfJk4xamHDHDt3tX4XfVTXTx3qaJ&f=DjeT3fwfe9T3HmH9twCEjxTWTmTk8rFV%2C13ZsbfKfrkxU9HdH9tpCbJEtRTKT7MjfA%2C9jeTMfmf12zetKHBH2tzCRARawTmTZY2Td&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=9d8bec757071ef03d4de6dc8f0912df6%2F13179035448654932248&i=9719%2C27323%2C27835&j=16%2C50%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810273&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kax7e17zvr3m7rp3b8qpjkc8mgkpx4mjv8jms1f4hd8gnpbk45x356mza7zaq3x03qjnec0j1g513yare10srccb2v3efsbm3vqxb6q35rmbvvvnd91gx1y3adswenzn847phzkmhv2513qyc8n7enm188varpx20ns4r34z95ywpmqpcygh4ce4zmrj5yvn6d79msdjkwky3nhp0kzazb4vgep74sgkhb1dyvzrjm4dck0kygdm77smkq2j72qmhrm48q3ezq70%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyZ8TWKR3YZjWA67F7_UPpcOlYJDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0Njp_oQNNbO_tQA7bQd0AAPWWiGxWz2xvEeSUrMmSwSDw3M5Zn5afG6-AQm3tXPYduG81SxD3gArDww6XgGBIBJ3xxutg8qnnolXmmcktT0CsoUKBWOmbfhRz0wBUUh-OOmWXmjNTV7uDQW7oYahQKvINTGHMnN6ZWc3RaipBr2xT81RrBgzJ8Yc5FMKbXqZMCAtYquMENsqlcAxDk77hsWpEC50he6BKco8uVQSNoLmmDKiPfOoWijLvDW-jB0SjcF62_o1oArhOLtbfScM2Oc7WDMFBp1A6flRrgos6_5p4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2MQgYpY8_szERYg1jwJz_C6QwYhA%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.218.101 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

:method
GET
:authority
www.autohaus-koenig.de
:scheme
https
:path
/htlp/?coyotetrackingid=386115884
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.20.1
date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html
set-cookie
mobilityAds=386115884;path=/;expires=Thu, 25 Nov 2021 06:46:50 GMT;samesite=none;secure
content-encoding
gzip

Redirect headers

server
nginx/1.20.1
date
Tue, 26 Oct 2021 06:46:50 GMT
content-type
text/html
content-length
169
location
https://www.autohaus-koenig.de/htlp/?coyotetrackingid=386115884
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 4428 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:46:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
411084
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=65497
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 21 Oct 2021 12:35:26 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6a41bad63fbe426c-AMS
cf-bgj
minify
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 4428 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2647833
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdv9tyZF4dTVStbxgj6tc9lOt0Zreaot0r7mhKXNmsnJ-HaaqQCWwQNjYgGcRBLzb03pdNOdk9jylkiuz5XlqhM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDnXEIkncCi2x8TMsRHw4RNk6cVposgrZUuuNGi%2BugOnZpZHrzTqd660RmPLRM%2Bp2Iw2UoHCgbmHs5nNC4i0Gt6ItqO6A17gcdTpHdKt7fJ7g5ezQm7Rc496n9gh4WSw"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6a41bad63fd1426c-AMS
cf-bgj
imgq:85,h2pri
923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 4428 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475878
cf-polished
qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid
ADPycdsngGFBOf1NwtK5ADGe0e-Cq8Oc185wwEHc4Dtvq0CTvcq4WmELbUIWWWbstzoq3Hi2N_JiTM-T4S_zGSppaZ0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10372
last-modified
Fri, 18 Sep 2020 09:05:40 GMT
server
cloudflare
etag
"0d69fd9136fbb169fa63568d6c765a6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYr%2F1uw7xoLf0G1RKItMS3WDp%2F%2B9YofMYSrRS1OgfgR4JFVf8wLObkZr2oTZtLG%2Fxo0YIyZDSqWr5hmbS%2FTcqzLXVQPYGXYBBRor46N2Z6z%2B2K%2BR3eaL%2B%2B3wUDzOjn5D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600419940053465
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12438
accept-ranges
bytes
cf-ray
6a41bad63fd2426c-AMS
cf-bgj
imgq:85,h2pri
60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame 4428 		192 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=dyeWTw==, md5=eBhBXL35Vn6m9QiEHE/ipw==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2287398
cf-polished
origFmt=png, origSize=706198
x-guploader-uploadid
ADPycdvUmtc2GQoKuM6yrn-k1-Pgr8Kkykmtm2AKY5rydeef7nKLQQ9v2-s_lXD4z9JnGWHoXA63apIkBY7dRqw0Qb4SStGXKA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
477790
last-modified
Tue, 03 Nov 2020 16:12:21 GMT
server
cloudflare
etag
"7818415cbdf9567ea6f508841c4fe2a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtKePywUoUGXlC7tHAoYh916g9xV1lafazLfNGH4RqUhmjS01m6MT7fzP%2FNiB8KGQ9qkESL7Tqy5SP4KRnoLZaWpPxoGLDxPgPFeGpCj1tA%2BR4GhqXGQCdqCKqod5f%2BY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1604419941958117
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
706198
accept-ranges
bytes
cf-ray
6a41bad63fd3426c-AMS
cf-bgj
imgq:85,h2pri
9F637870B202E83C416D18B7C8C6414C6CC6C839C93C9E3047F21FBF3529E7FD9FDEC26E45A2E6A5FD60CE245E3F8FC0ABDC4E84823E1B9C8078BC61486093AE
assets.ad4m.at/product_image/ Frame 4428 		192 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9F637870B202E83C416D18B7C8C6414C6CC6C839C93C9E3047F21FBF3529E7FD9FDEC26E45A2E6A5FD60CE245E3F8FC0ABDC4E84823E1B9C8078BC61486093AE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=/E/1JA==, md5=XmHcGh4x861X+SRmEFC7yQ==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55482
cf-polished
origFmt=png, origSize=321978
x-guploader-uploadid
ADPycdvWwQMAdv0xopLRR2g5nT8JBpzjb1qRGuIO0SXwaQiz2S00ltfr8kxhcc7Ddc905Af-xzoy7LHiOX3QpX8LwBxZdyJqug
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
217072
last-modified
Fri, 22 Oct 2021 07:22:27 GMT
server
cloudflare
etag
"5e61dc1a1e31f3ad57f924661050bbc9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkItYK6aMX7q%2FaAaKiIB%2Bs9MWBzuZqa5PzhY%2BZ%2Fk%2F6r5EKWhYFONVk2js%2FMGsrT0KZcHElaWY79t%2FCQBxAmKtX7oLAgR1ZXqVEIuUdAjoTENLe3XB1UBlzP4p58OF4i7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634887347622867
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
321978
accept-ranges
bytes
cf-ray
6a41bad63fd5426c-AMS
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 4428 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2660098&v=14702&q=365825&r=412871&pv=1&pref3=ak21oneidm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfAoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
assets.ad4m.at/logo/ Frame 4428 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A9E9F13CD34C6176561B2A3A1512DA8C7C70105FEF038B1211F596B09F01FC7E333FBAD31F58F67BB7B118D699ACB8676EBCAAAC9719A61B310A69D3174D07E9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=To/Z0A==, md5=KhBt45iUESpR/gNmK/6mLw==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
480678
cf-polished
origFmt=png, origSize=42492
x-guploader-uploadid
ADPycdvpx-b8E9rEsK61_ZlsrEjWmXK5wzcNub2I2IKRaSAxgXRc7q8EXN-RHrB9IhXSE41116DizCMZjexVCE5WIvfvGj7auQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20462
last-modified
Wed, 22 Jan 2020 13:07:53 GMT
server
cloudflare
etag
"2a106de39894112a51fe03662bfea62f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZmvirKc%2FTbTpdSoVoS62k6t5iEytiReCwhBAv6YzaG%2FMgP6JSwQvtj%2Bd3rOYTWOYncQXRbWx9Elq4MCobPLxeZ7l%2FqsdhfhuSHwcaLmiaDlVIFXBZNaIHDZvuRzscF3"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698473273442
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42492
accept-ranges
bytes
cf-ray
6a41bad63fd6426c-AMS
cf-bgj
imgq:85,h2pri
7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
assets.ad4m.at/ Frame 4428 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/7EAC6CF7EF6B64BB10610B54E5B6965DAEF1C036945F4235B33B17D07F7DFB9F26C3931CF6B5CFE42C5E728E6808B9AEC192FCA63F8A7B192DC57E243E417A46
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=qNATdQ==, md5=rtrnh66lL12Rx8tGiazR5g==
date
Tue, 26 Oct 2021 06:46:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2286631
cf-polished
qual=85, origFmt=jpeg, origSize=136044
x-guploader-uploadid
ADPycdvFMWpwrLjjFUtvHLEjCsTlfERmxmFpmyjL7ubcVcVPJfU_ZyalIiL9t1jthaspep-oIpkHSfVq8I1Z3W42tn0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41838
last-modified
Fri, 04 Oct 2019 10:13:18 GMT
server
cloudflare
etag
"aedae787aea52f5d91c7cb4689acd1e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35DCLQqOk%2FOXx8IoNtxY%2BQH9Db%2BJqDnhtzoKO2LsZkbH8biGM8kZ6qAzLknXZS7hospAxfA9X1ohYQG2IJx%2FsMPVKOv3Q5wYP83rsybjOBqGtMzAdVEVciMwUh5V1nxY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570183998426851
content-type
image/webp
expires
Wed, 27 Oct 2021 06:46:50 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136044
accept-ranges
bytes
cf-ray
6a41bad63fd9426c-AMS
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 4428 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2578359&v=11671&q=344795&r=412871&pv=1&pref3=oneidEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7oneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C14969%2C13833&b=xEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSA%2Cm3AsefGf2AqhmHZHZtztJ9maDTwTX8AfA%2CEjeTDfEfAJktzHAHjt4tQXYuqTVTZAGT7&f=YxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcr%2C7QZTqfzfd1WUrHXHgtECV2EhGT1Tr9ZuM%2CADeFYfqfbVkuAHRH4tMCdzVS7T4TDVQT9&c=300&d=250&e=aRk-xK3znZpBhvwc1yelGbGiCEPeZdGw&g=f405b1f1d0a745cd1c7bacab9fddb776%2F9076591982532599190&i=27720%2C21630%2C17743&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=&r=1635230810278&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hv7w1ajtga8t9j9cse9xgvcz9rkck6197f2jaj2q9294gnpx0prr2r5ph61bf6enjc87bpabxdhg5xddra0c4ctztwae4xt754dm94vqzbga8evvw8j2xk47egj0wac2436rb8x5q1jc3xc30n07fmaew8063q6h950rm175cxzkk7a3p0cnxx3ajhdjg8awdrxq905jzmy2xgg255heep0c8pzzbx4d9rrx1ztaaycvf0t16tnfx46ghhq0xrqerm96k655vsdw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCYE1wV6R3YbbiNYmHgAe28paIDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTMyODI1NDcxMTQ4MDAzNDegAcKu6N0DyAEJqQKCQa6FI3ezPuACAKgDAaoE4gFP0LBOR2H8o0RasRRjaA1Uzc7pPvnRCRimG0h3JNsfZ-y_kcbKoGuwF25ipxw4pzqhsDdNiCQkIlpAlvDOevbXqqL3RRqhiJrYzgQS0dm1ayNA08Ci8b-W3MA3sv6NGKaaRv3eVwvBnSL0l4XK4sSoLgo3NKuprW8y5XT09htawDjwEXFdPRTGPPbCCNUgaVmfLAxRLNTS6abSQoNAqsI8_M7rfGYo7yz6bekZMcFuYww0wJjZ-ALVfoAR7eJz3Amkm9vmSFd4zdUIh5W1xGOtyowcn0g0U5kM4qe0X7FY6Tzi4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAHyCBthZHgtc3Vic3luLTExNzc4NDM2MTc3MDA1ODj6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3IGH0Ma4p3pqRsDUibJuv6FpPQ_A%252526client%25253Dca-pub-3282547114800347%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Oct 2021 06:46:50 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
pagead2.googlesyndication.com/bg/ Frame 940B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Zz7DT35LXmuokobBJJC8eUu-TFeGwi-w65YEXeY0QRI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 06:11:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
2132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13325
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 26 Oct 2022 06:11:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4DC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=2546505396439370&bg=!9vWl9bHNAAbUs_yW1LM7ACkAdvg8WmnMS9krzVOsDRp2AGBdqOSBnZkeCTO7vvrWedz3zjweS1xEjgIAAAKhUgAAAG9oAQcKAHWBWsl8cm6XreZAaQnXcJsn2e00-6UJjmqF2nqYOqqLc4YXvWaNokE4h2PHt43yXPYPFjHrxtfCPWkj_ILi8ouSQMBWn_5vea09u1IA9-8MtQBVT7uUg0R1Aq3cX-mF6XYzslAbVAP69JQ3NWn5itvhg6jwsBuZAvpRhweR8iaUAbjHvxBZJ8k6V1m4dnHGL-ibxODVmu3--qntjbO-qYhPQCua5ytjHlX-ESqDSrLmLERL0KWut6Ccl7SVCrB_ansV64TZf_TH0MALJHDQ1JstCHvUf0txVfw8INb2kGu-B3uWFPRDCy_kBI39_PNqrWIhCJ3H5I2G6eyFHvIcEFd9YuTGbm8NbMONgFKJ-OGrQPkoKA8gm4VoK7azsnoc7ppfgifZYWl1wh4NGjPzls4H8ShTb7jWYKnMGdylRIHQ8wlZ_7NUuY7_ZyJS60bCJcy0uk0jERtGp8Pr4wO4zNXwDnWup3QS96JuQOufjrBdz-A2njgHLG9D_FW0YaZyt-T-8sbojRo3C14A5SzgHXK4x6GfHc2iflnncUBmrR48CghBhFfYjdY1zpv2ls-NFsJLMYgYeBgIQs6R9nfgOzNf_Xddx8WGEYrGGyC00HYRbj4443ioFPAFGZjNCVvwzOTkKpkL1vNbyNNSc04hpWeeI6e7BXpPYfs1gtXO3y2MV5pnFaGSG49d0cxg5cZTG5bwjJFZajUEP36hNrTVZJVY1-7PwpD0UCvSxYi-0kxmD4xGcJGyKiEBJFZxX3t-Nd4X8AFtY4hdZyVNKlBnN4YTASOLmRWVzi1MK5Gs-AaAEIOE0t-Jui3y720r7HH0CUPpXUbx0DEezAlG92Btek5Ky1iqE8MPH7GA6g8X0yWKWfKh-ACgyoqklPXlVrEYp9t_PgWjpAHn3Cve07oDf6ljd1ZW_2zWFjw7XPCgs2umaQAo1oqVMSsSrJICUEHhiLa7zGVM305Ek3E00gB7IrRDhtxKzbyXFOaVnl5q26JzTmpga64IITS6X6_ndEcosOrVjTPoMyCXvWhR16pC4oEuCxRm-v3JTCCHY6fSayjinaITXXoZNdg91OoNnZ3-3ivGlYV8cZinVpLDVk1__cfMwwafvufMSn31oWCLrBMkNJ2kuOTYqiHOheLX_bvf9HXqqe2ZUIU8Ek9gRDoyMLTZJy8
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EA1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=3355200543626438&bg=!qKulq-_NAAbUs_yW1LM7ACkAdvg8Wt12mJku24sZieB6I9HaqWtl-iWH5dttdYOvopwhqKZSn3W3JAIAAAKOUgAAAGxoAQeZAxPc32ou_Ts0Rhg_Lomzn4TUF6q6tQ6Vze5pji-3fZwWLmmYWYAzUuEJGAtXRFN2y78LXHm7W7iJoN106cJ8Fp7Y_Gwfk3NNWhwkttign1xzrqzrRMOX1Kv0g3Cgq5Qcshubi-nyZ81QODtNtEgJdkmfcGq9t70fheO9n8JPlALaSMMaMlG9VLQL2bCFDZ5_zYuUapvrpPF2EWUyZSiHSSZU7g3tdKVKNWGoHEsYTidw14WaOKdScFhH2nhBoR87lAdLnAH_vJSLR8U1NaquuBCV5d3aengYC0N1VGouoO1keBC2wa-FhjYeKLznaEPR1Y2p1u6M8a0z1mDNbxtCuLBQ9Vwy8uAmwtatQOMiHMLHLD6vbD5J2PEmcU-T623UZr9SnXC-ptkK4oYgXORnEDS3hEphANTQfZd-upBNihVj5tR-sUVFhsAWj_NwXUT_9Rt6KnR0gAjwtHyTKhvvG9tFeJ-Eq8W77milKjY-sOaNhru6-UZxiPIl_4uYtyHP-MBN7BY6KhZ21ldp1NL_jdulTYenqBybko87O8O19bvpwL0uD9iEF36rRWLTxv3dt86Kb8PyrYYEWvrw5zwV9WOV2GIVlbVhqf7Qa9QpO1LjTa5W3TDpoXGSSx2RHRlW8ssg8gQWfiyE_8IXe1H31IFkX0fMy2aI5ID3iWVX5T_-FcpHgfFBZ3xZUvgnvOfId3fY-eDJLa2HMqOaHUlNxi7Pywnv2b8RgLwQjTKBl2pA6D3s_gjlbRnDSdK_JSmhGnvqm7VNUqgk7_6QXFmmZbjGHM5AVD7cjJ_VU7ko_GDkTWCeQ6A74h2etdv2h3XunER8s9igSAv_jehakoN8anDCVb-lqG-bY8Ynav5hWOghOXF-DnVoJ6dtBAI4-sjDTQlEMKsWiU8A72ruDYnkigE0I2NOWsMmW_R0Uvr-PBCInyF6axF7sEREu9kZKblLEbNcGyR6jwNWLcoFvgMcPPoHIXIprK9Xh-O9dvXPNXgTvkf4-TwzcN2KsRVKR6-9ZYuOPUvzbZTDB5kMwpGpiKQCJEMh
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C7C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=2094331154805026&bg=!fX6lfjrNAAbUs_yW1LM7ACkAdvg8WkmLlVZnkwCkLauaattiYcrQ7Rj73LLybUCapD2p1RgdL5yBqQIAAAKIUgAAAF1oAQeZAxWLoZD-ZOoj5v488IUKz6fSDU4PIKrHVtPlf8pLhEOftJDoMtWlraV0vblnsqSVroXWOgGZPuEyOSBruHe_Ryz1Zs_rGmVQBzvh1CcDaQBQvy8WoOluiA_I-O9ufHYHOM7E_FlXLH0_T7SmgiNBDHL3Y68IlhaTTYWsyqs4KtTAN55oSgb_f-tt0-Gn-bdU6UvPRfJotYOtTLlMkzEVZL25ZDhkV1TH1IFHku9-a_uto0Jq7Ed2P9lpGvZlEl18kP7mtrfa71DuRWWKVSl_tdi6ISvmvntgADyY0PBBzu-yLQmMxoiBzMczf6bd1Hc0L8shxKt1DDnqdl9uDWgzpKmsEhPCyHd7gp4EUGsnS-zrrle-a8_5lFPHdfIp0qT8W9tHyWv82CU9ywQnzMrzX98sBNtu594C0q5IPi2oFS3gxNE0BCGVNETI1-5jq1A0GrmH4e4G0VMrJ4RYfidFD18MLN5ncF9LK0EybSCoQ9STqZ4uoTm5CPeO4Puu5SKIUJevu5JJCVQkheDYKRfsrowDiscChCdtryZjsGwMsg-CTRrv8mAk2-8aO0WgUR75LDQwV7h1c7qjhmDQ5nGanxYZ6fS9PSYTh5ndTdbmGSrpemO6DIbDUTML85Dkkf0WpFvuYf_pKYcjduAIsxWKVmTCEsybEP--AmJYV6z5fekZas9e-BdsOE6rVZbGDUn6V1KX2L99nxFQqghVMlToyuTLSDtXpilmQcbn-EHMkCdauMZTra3Nan2e6d8JMaZIe0RPeQohxzgbqG2LwBJOHrVNfKYGQQNxL9SzZKiJCZw2K-6tIlSjnrbt9U5B-tPL2ebxK9PVIgjSdTDvuEJEOxeuzjvwVFHdkyc5f_qst4QMUgtjXcfruCyou0RbXIrvG34xHnjne0nTW-bSHv7_mTlZwZgfdZ5m2sNhKua0P2Eyc8qN_ZqBbB4KILC7VBN_ec1hleqZeTJZLB8SPOWMjBp2Tw8LVvWROE0ZOsD-U9CFjAWcFJ_BORIaUiUKA3wB2D718OG3xpZvFRJOfwTnSLqXFq1v-Js
Requested by
Host: pinoytambayansteleserye.su
URL: https://pinoytambayansteleserye.su/its-showtime-september-16-2021-today-hd-episode.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sorrelma.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Oct 2021 06:46:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
link.html
track.webgains.com/ Frame 4428 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzZENjk0MDg1RUUzNzc4Mw==
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEKgHrq6R5LT4cUsThnDE4gE&google_cver=1&google_push=AYg5qPLBzzthLZXYO-t4phYQ0D3KlQF-T6ezAfhKF62XvgKaOxmYZoXAmhudJmb7bxlrCdVLPg3SDH6dZcZUFIaDNTRXwmF3fSWn
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=UjVXaTE3R2RJdmw3&google_ula=2046794&google_push=AYg5qPKJJqr_1F6IwSA4gM5Iv4bWi7_2Bx095XNIbZidLohHKzSkLM9a8Ktm8KdLqZrCzwuYl2n45d7ckDK-5n-EhVPETB4XgByNXg
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLls3iZxyoVfNsjN2yWeAc6sLqJ2BNi0d-hvEQGrC3M3FKpblqMsdr3FH0vJ5UkmpDaSXIjcwJkSPhXk1HQkt8ZTfsX0WqZ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4BBC99F38D2A46BF9B24531513E07064&google_push=AYg5qPJERL3HO9QAt4xAUG-dDgBGVosOTh_iwEm9oQE88-rQ_0vcWzH73pd3SUwtiR3L7SoGJccmpargQbrc9eUrC-TDOHBqOdM
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMzI2Mjg0MTc3MTk4MDkzOQ%3D%3D&google_push=AYg5qPLJo1cuogQMADunaE3reFBXZvt-1q_fekrsu0broQojedzIdKpWF-Mv-voazmIGY6vq7EWybYMc6Q_V6EaaUsJDCyFdIU8G
Domain
d5p.de17a.com
URL
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEITOI3XNr23DoTE8uE1F6cE&google_cver=1&google_push=AYg5qPJ2BgZ3BCQmtkKKGDhuielMqyAiqvR-EQK1teDQ9ODYb-SrSjfp64l6SlBgX2aKNxdGWlD6c1z-6Yt9KREY-qfVS6EUrtGX
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPJu1e2SqQ4FL4ZTN8ZtnG2ZIPD6NySP2HB98IXPAeigRcPZ34b6EXQIlpt1Q9LcX_n9eihKj3TOVTm2Sg3G0AmTnDd9LFnx
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTA0NTAzNzY3NTkzNjE2NTAyMw%3D%3D&google_push=AYg5qPJLEghW9NhpSOwKBT7l73dnp45inX6xtTls4Q_DWp1MDlcgq6pb1nQpSE7Pr0zK4h0BGylXZz2SlUhqdg5zsClYoMSnjsV7
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17DE5C7B864B46579AE4222FB6BB3A3D&google_push=AYg5qPIKgyLWFnhRoA-KVRuJdPiDLuStB11osIHs1CjPDiVXEL2KNopoEsFAI0fdduCLuHEfnhIBf3-KTu2wUZpHKCJQ0DwW4NL0
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEMrX5n7ZyXDEVy7z6rZYg&google_cver=1&google_push=AYg5qPJU_cAILZppY9AQ8MeD5SCi6cqO34k-JMzVgNLdqVEtk57nv862A5nA_cmOAaNzyZaNMwZqZ-1LOyiX5l3Jm0yRPrjRzXR9
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBQCN2L6QEzRJpyQJRvhtc4&google_cver=1&google_push=AYg5qPKstH5UbFVVUyKWY218GfPlzDtHuIMVt2yu0xKlEwjF7mUqsk-zJ5mT2oUV-m8RreOpHyaWyhDxK-gd_0rXmDM_njxVfR_sZQ
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_cver=1&google_push=AYg5qPIh3fYgeJy6kpFyNfSwwTPrEveBgLBpmPOsw1VFtzlU7KgegK3NDVwhWcMoD8j-or-IZTGSCOMCIOQuDZh0lT8vBPSRCxkHvQ
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGSDuE06tgkOg71rqq2hkDY&google_cver=1&google_push=AYg5qPJsYo6Qf00uxdKx-Drhc7uyj6AXQuOFgv2xueXxp_8ndV95XdcsTXgVUrdX3ra74rQRpY7U7wElMVG6BsPSCTGuXrdp6wqF4A&rdf=1
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGwLMKeNUNuB7l63rIK4STU&google_cver=1&google_push=AYg5qPLiWpUd0C_EysTKdDiCevQY9ym3drgZFujpg9k8su0W1mkDvCT-Kbo72xtviR2NTvdwJgL4CGzJ63BSece59uxEsurVqXIhUA
Domain
a.c.appier.net
URL
https://a.c.appier.net/gcm?google_gid=CAESEMhuV-zxyf89e83YrUSi6O4&google_cver=1&google_push=AYg5qPKqpKh6ijfSTEGihUM8EUBA5MrPAOXscjhsIWEAdtELUDisgy4u8awhW-sQv7g-fWwy1vt0-ZElGW5RSn6vUFeAqU43yyubDg
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXekWCieGtnP6ifADr2TcgAABHcAAAAB&google_gid=CAESEPJrNbP8IUu0R67rVXo0W7k&google_cver=1&google_push=AYg5qPLg7aUijGv9wsPyZu7w0YSwxJAw2jnk9FP5PqfcTu6RDWe9f6jrGssH7e7THoP0T-eZai3IXH3NNE-wdApzuJUYj3y5_LVbMQ
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOTWl_FRqihe81hpW0K1uVU&google_push=AYg5qPJewVEtad6I0-143t41woO9M8h8xMbVwRxa_JeaIns4TnfrzqaBajhHYzNrvIRCIImkr90j3ll3Q2vgwDnhxg-59a4wMw&s=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubZ0kN1_jUfymUE6WR3hcweDhoJGB2wGP0rio34dCJSL3jj_MTt0gcI_SjdIR6DUfLhVb7eirAA6KFMbWt2QA-Rw&sig=Cg0ArKJSzMbrS8TWOb9qEAE&cid=CAASF-Ro5D77Qywme5IptLPPRlDUmcNWYNcU&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230806998&rpt=944&ec=0&met=ce&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth5VQm8785vQ0Ns3ShwiCNXzFNnfrNtERsGjdl9VfFK_Iz-lWhsnzphebo9xM-G2yHmxv6Bwn6Uz0_NfWu5-YhnQ&sig=Cg0ArKJSzE0ifYspS7v2EAE&cid=CAASF-RoPk8tSoLQA7CeBgX3KOdbZslBbvNE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230807069&rpt=928&ec=0&met=ce&wmsd=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA
Domain
a.c.appier.net
URL
https://a.c.appier.net/gcm?google_gid=CAESEMhuV-zxyf89e83YrUSi6O4&google_cver=1&google_push=AYg5qPJPfMj2ECcBKE6ZTZci1HchrnI3CARX-_7mpsTIJu9aYpgN95ZGsC9YqDX33VYcEUSoWY1vaebjoxWUQIzXyBRlWRaT6J78
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=tE-UdoBcQutd6jgZOPDuT9iDby4&google_push=AYg5qPL4H12NMT65aRZVFuk12fhMHlcXvN-xMEUQOPbU5becIqx1mmbuuWWmaNLZo2qoHnBw1ZJDG-uLEGQI2klSEpVq4SILDeA
Domain
cc.adingo.jp
URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEEHKDzN5iMpIJZz-wgt0oEw&google_cver=1&google_push=AYg5qPJpSiCLeTu2IU_azsfEHsp_5FEcbAwbziq5aR6GwGgS8mCxtED1Gg1yU7MeuSic5ZGQFSFt2MFsz02r-qbpNITEsT98rE-G
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpMty7YTBNWZZ25NcYfWtg43WJkLx3m8lhpfkBFBnvbWgMOV0X2Da0S23D1H52ZQuOEiS9p6SwUgsmhha_keg-bA&sig=Cg0ArKJSzKBBoR6FwRLCEAE&cid=CAASF-RoOuOwWnUQ4IGUxQ-_MMv1AFrdF-4f&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230806981&rpt=977&ec=0&met=ce&wmsd=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPI1o6XV_HVofBGcHvnLywKgpwcsB_T17lsuXOLDgpzla2OPMtVM2ekcTBwxgALlVRmBIZMK6ckRKdKtudsB1vM99XE2MzWw
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupcVjB8yI6x224L2BQDd6NQAAFwvB0khb99hOMXYH4wbhVDGa9gfGkNhA54kUf2tm4l017wgSZ2cmIjpX_vN9i9g&sig=Cg0ArKJSzJQgkrNX0Zp9EAE&cid=CAASF-RoBZx9c9kN7ULnWCGgXuLggBgGNROd&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230807192&rpt=864&ec=0&met=ce&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssf5J6eDHhOBz5C-gSuuCMH9mp-UrhA27cfP9b9QehqYHPOOa60SMfUuly5u9o6_hPwoUYhTP2CD6NRpW1rTr9R4g&sig=Cg0ArKJSzDCWW_Zx2zBQEAE&cid=CAASF-Ro3QYyLwpMyfHEuiAyphco1DBxDBP_&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230807494&rpt=719&ec=0&met=ce&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurQhObXUCl0ZWhaggmO3mTEjsHNPZtLShkEhLvPs2kmkKZ1BFVPMXXmpaa48JuXgwl8Bo2RkcZRNCb7ZNFweYJvQ&sig=Cg0ArKJSzPLHvrX02hSfEAE&cid=CAASF-RoUakc1C2qbfOjW56UqfPtyOuz_te0&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230807261&rpt=810&ec=0&met=ce&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhHQwidzWDzqXCm6fTMnDVAEaJHPtWRHTPRs_h5wkvcNF-L0UDYFZ3oFSex4kAzTWM1WDhp9IqpIcKPkjm9C9d2w&sig=Cg0ArKJSzK2D1tSoX-dfEAE&cid=CAASF-RorrPfxTpYC0714Og4b9pjdroEvU22&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230807521&rpt=722&ec=0&met=ce&wmsd=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUGn4E6HrTn5iYwCxuLi1LWHVEwvPazMQ7MoZP8FzSX95u-05_o08fGQGLnjRwJVI39WLZ3fJM5ZisoZaPBRSeLg&sig=Cg0ArKJSzN-1OwTZ8uCDEAE&cid=CAASF-RosALHFq_GPRSDSQvOdbJgBqO-6jjE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0&if=1&app=0&itpl=20&adk=2026580777&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=3&r=u&rst=1635230807732&rpt=743&ec=0&met=ce&wmsd=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GxBw5O5NTMSGSvB9Ncw2ZA&google_push=AYg5qPIW0uH71LfnY-noC3VRa2F7yrgKQ123FAtON-gaeiwk5Pu6DWD9IlV9sSt-Rf0UEJeJharm_F9__B2Deqn7_YOCB-SZpkRq
Domain
partner.blau.de
URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021102608465057693622797X117663V1225131106MSoneid8RZUDf8fezjDTgHJHEtxtkk2UPTwT8J9Tkoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid
Domain
partner.o2online.de
URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2021102608465057693622795X117679V1226132702MSoneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&spid=2021102608465057693622795X117679V1226132702MSoneid7QZTqfzf1rjfrHXHgtAtVVefGT1Tr9ZuMoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&wfid=117679
Domain
track.webgains.com
URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidYxGfrf3fwBgTVH9HetgC1JWSAT1T4pJcroneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&viewref=oneidxEbfQfAf6gJUPHdHztQt3jqhJT6TqkxSAoneid__asuidaRk-xK3znZpBhvwc1yelGbGiCEPeZdGwasuid&gdpr_consent=&gdpr=0&gdpr_pd=0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| viewsCacheL10n object| addComment object| mts_customscript object| wp object| twemoji object| FB number| PIN_18926 object| __twttrll object| twttr object| __twttr object| PIN_1635230803451 string| value object| key object| PinUtils object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

28 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=ixTJvkv92gQ_t_qIQzZOmZw6NNEdyLhuZ05m8D1Iubcq71ICKPNtQ14cQMORWBemH-dgiIekuBwmA8u4LISqQHOfoDstBFwwQ21qEOJaIijxpkLVLn5RYEdkyJ0ET46Y8Yd6hQINJct3LdbxrIZuqztqpaZj8kEMlcIOaZWLCVk
.adnxs.com/ Name: uuid2
Value: 3976595427479291674
.doubleclick.net/ Name: IDE
Value: AHWqTUnFdN5cjo8N6RUVtbz1ZaHLhdBmvIsa47F-CxfvOxLSJ1POw-FvK9jbni_bqYU
.theadx.com/ Name: uid_7da156c0-3628-11ec-804b-39930959a641
Value: 1635230807596
.adnxs.com/ Name: icu
Value: ChgIzYVEEAoYCSAJKAkw18jeiwY4CUAJSAkQ18jeiwYYCA..
.3lift.com/ Name: tluid
Value: 9045037675936165023
.adfarm1.adition.com/ Name: UserID1
Value: 7023262841771980939
.simpli.fi/ Name: suid
Value: 17DE5C7B864B46579AE4222FB6BB3A3D
.media.net/ Name: visitor-id
Value: 2782324089233443000V10
.media.net/ Name: data-g
Value: CAESELEqbxDXWYkmcRTkDA1hP88~~3
.media.net/ Name: gdpr_status
Value: 1
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.mathtag.com/ Name: uuid
Value: 2fa46177-a457-4300-bdd4-42d457fb72bc
.mathtag.com/ Name: mt_mop
Value: 4:1635230807
.blismedia.com/ Name: b
Value: 6177A4586DE739C919C16BDDBLIS
.de17a.com/ Name: guid2
Value: 1.8792849088249690638
.yahoo.com/ Name: A3
Value: d=AQABBFikd2ECEKaK7C5_ePWhTBMdJ7k156AFEgEBAQH1eGGBYQAAAAAA_SMAAA&S=AQAAApEUAOCOTm23jOc6D2kudR0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F372CFA5-9D8B-400E-ACF5-288F9BB860EC
.casalemedia.com/ Name: CMID
Value: YXekWCieGtnP6ifADr2TcgAA
.casalemedia.com/ Name: CMPS
Value: 3238
.bidswitch.net/ Name: tuuid
Value: da5b4089-2795-4384-b054-74e250c74418
.bidswitch.net/ Name: c
Value: 1635230808
.bidswitch.net/ Name: tuuid_lu
Value: 1635230808
.quantserve.com/ Name: d
Value: EHUBCQHJJIEA
.quantserve.com/ Name: mc
Value: 6177a458-1be71-ac1f9-ccaea
.adform.net/ Name: uid
Value: 1394604004804569123
.m6r.eu/ Name: test
Value: true

13 Console Messages

Source Level URL
Text
network error URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fpinoytambayansteleserye.su&url=https%3A%2F%2Fpinoytambayansteleserye.su%2Fits-showtime-september-16-2021-today-hd-episode.html&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.de.9OTyQk26M2k.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCPuDOC8AEIosPspkJjmhdkmCzbu_Q%2Fm%3D__features__#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1635230803498&_gfid=I0_1635230803498&parent=https%3A%2F%2Fpinoytambayansteleserye.su&pfname=&rpctoken=41464172
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dyWvTOnbljcDUDvVtPVxVN9ku_DvfH5tDuBf74sOPJ9qfWD5WpUXWtKmaV2viU0ERzyLSVZ1BfVf5Dq7Fm7MMeV0xW7wd77CJ75a4NN_sEBPfW-dDSGOU5WYmS06Dt91XV4j8ZD
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dwbo6WmQHoWlTRjvl8xjhThARiuHjrJTFnLvW401gQGqo5l-v_mvyxalZNXxqrK1tEiCeIA7setQvHHCv6yjgIaYYVK03C5tQU7SdUm7MtyjRyyfU-WtWZY7sfwNLyTApvOZk0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dzFToud6eOwF6DDN_USuHvgzQ7lyQayXzWoZpEr_XMHSdVgBch07eiHeEvB49bNeIMoH-UhY5HrVRYjv6MKhjyTKTV5EM-WZyosM3tUQyIWVoY9yLNmzfkZM1fmfwzNuGsa4akb
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dwA0HvO9ySrTA4AtnTmz6rg7pDmVi49eCSMfoAiCYVq5bGD4MrdyazUj1pySxr15OFEIQBmLCD8GWGqrbD78iUY9dC7YJRRkIyh_SkWhXS-g_C8C_at_CN8wiofN_tUj5R4KdM
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dwxP2r0VzVZJOiHaYWOT5pF7hV52_dbHqHy9vN6mbVgYQUfGwlDe4hTClZuL6AKr1UmECAGRl6UZ3Hh9FrbY6HOjSs_TOChMvEfR0ll9nRYrWFSXgLknoDBsf2CtcqMy9hBVL4i
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dyu-KDYiQjmrzsOv5XKYtVCe8iyczSnjMGwhCVgBCRQWv8Mt4EJlQuFtZHNmH_UpGZ3YfqXI8wSf1qD0EnaVbFp_V5XW8BVbE9FAIXTGBSgwT7pSedo4jIMNkVP735lFcSx9r0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dy2V4Pr2u83-ANpjVMPvEGUg44Aoq_OUnsTzL9ty_Ypqnetmu8E2zCDBiwQQo1MkrHzsLsaOn2Df0MCHzeSA1HxC1USc55RnkLYU_HWjNKELvVZ9w3-EOZ3hS5TXmMAPayNRNkw
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dxOziquq0qY23ht3patikEdWb-M4mcdu5vwv_9MvMME7iLKK229_DmigxG4BnRjjLWDdftCAlLeIaNMLHIf7Fj26cKz4w1KDxVLf4xTHEp9J25i9Rh72nnBQBwgmKNa-rKM0G3V
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dwO3cqciAyv5mT48Kc-GWghHqQxkL24ngctktDhTIHV-JJFmxYbzf40dAybudLmbkD1h3Cj-R9D71fC19ROhNfaV-GsebFWi2D8EnCGMR-DVMxDxDDoL5gTbh09xQJKM8Jfers
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dxqy7I0uiLMlz2vz-5QJwBFvf2BaDqL80icaKCXOxLU9GQSt7p91CVfkjF8DIbzsSoAJid-U5nxdBBe14M7Ycwgwn0Twp80t4QtC4nrSf8sjL-TESfe1nFG1Q0RKVNIk9_4P_Bf
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.blogger.com/video.g?token=AD6v5dzYtFM2KnRS7vtOZwJx9JW3NsSuamg-_-8CX2zBB8atVqL-f4Fj3dBj0cQ7kg8bfkvOmZl_zU50azldLUxv0UYOiMN8nq6az46LJCYwLbXyIXXsFqCdDT0Cna7RtiMAFq9b7UaS
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMDBjMGYxZDE3NWU2NDA1MDViZTBiODMyYTAwYjhmNmI=&google_push=AYg5qPJ2Rqqv-7weKvgtkRpWIN9f13YRgvd-ee_EI0LHChJ8by9Gtz7CD1bKBA4nMNKgemm5BlFfs1QCgEUz__L1MS68yDPJCzlGAA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f2a9ca94eaec6e2e650b4562539e994.safeframe.googlesyndication.com
155358bf66c13bbc5b186360bea2899b.safeframe.googlesyndication.com
405cca31200ff5fa2931a6b4fc038ddf.safeframe.googlesyndication.com
5a2e6faf111d9c14b6926c60d513d453.safeframe.googlesyndication.com
92a040cfaa55786f76faadff1e7dd3d9.safeframe.googlesyndication.com
9b537e271b0772ef312bf8fe6b92ba7c.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a.tribalfusion.com
accounts.google.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad3.adfarm1.adition.com
ad4m.at
ads.travelaudience.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
af7c48a5f3a57706524016780021358f.safeframe.googlesyndication.com
analytics.webgains.io
ap.lijit.com
api.adinplay.com
apis.google.com
app.theadx.com
as.ad4m.at
asianembed.com
assets.ad4m.at
assets.pinterest.com
b1sync.zemanta.com
ba736371e8ac27b5ee419a0a73d2e06d.safeframe.googlesyndication.com
banner.congstar.de
bf286f63a4c630945322cb9389e9b947.safeframe.googlesyndication.com
c.eu1.dyntrk.com
c1.adform.net
campaign.mobility-ads.de
cc.adingo.jp
cdn.jsdelivr.net
cdn.theadx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.chocolateplatform.com
cs.media.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsp.adkernel.com
eb2.3lift.com
embed.dramacool.so
f61b92f386b31d46cc41d18037dd1cc3.safeframe.googlesyndication.com
f6e5e0fd0dcf7dc3b86c7ddce65d2fa0.safeframe.googlesyndication.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g.rtbrain.app
gcm.ctnsnet.com
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imagesrv.adition.com
log.pinterest.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
neso.r.niwepa.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pinoytambayansteleserye.su
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
px.adhigh.net
px.ads.linkedin.com
rtb.openx.net
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.kadxin.net
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
sm.rtb.mts.ru
sorrelma.com
ssl.gstatic.com
ssp.adriver.ru
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tech.rtb.mts.ru
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
tracking.m6r.eu
tvking.net
um.simpli.fi
ups.analytics.yahoo.com
widgets.pinterest.com
www.autohaus-koenig.de
www.awin1.com
www.blogger.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.c.appier.net
ad.turn.com
b1sync.zemanta.com
c1.adform.net
cc.adingo.jp
cm.g.doubleclick.net
d5p.de17a.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.blau.de
partner.o2online.de
pr-bh.ybp.yahoo.com
sync.srv.stackadapt.com
track.webgains.com
104.111.239.217
104.16.87.20
104.18.12.5
104.244.42.72
104.26.10.209
104.26.9.222
108.174.11.37
13.248.242.197
135.125.160.77
136.243.207.61
139.162.78.222
142.250.181.227
142.250.184.198
142.250.184.233
142.250.185.130
142.250.185.141
142.250.185.198
142.250.185.225
142.250.185.226
142.250.185.238
142.250.185.65
142.250.185.66
142.250.185.98
142.250.186.130
142.250.186.99
142.250.74.194
148.251.139.77
151.101.0.84
151.101.130.49
157.240.20.19
159.65.196.12
169.50.137.190
172.217.16.138
172.217.23.100
172.217.23.99
172.66.40.190
172.67.151.84
172.67.190.56
172.67.74.129
174.137.133.49
178.162.133.149
18.192.95.190
18.66.112.34
18.66.97.9
185.29.132.241
193.0.160.129
193.232.148.156
195.154.207.225
195.201.218.101
2.18.232.130
2.18.235.93
2.21.141.169
213.133.107.215
213.155.156.166
213.19.147.44
213.87.44.187
216.52.2.30
216.58.212.130
217.66.147.170
217.79.188.11
217.79.188.9
3.120.29.221
3.126.56.137
31.186.14.221
31.220.27.134
34.102.128.115
34.95.89.54
34.96.105.8
35.186.193.173
35.186.253.211
35.187.117.15
35.190.0.66
35.210.53.219
35.212.101.174
37.157.6.252
37.252.172.249
44.194.225.67
46.236.13.147
50.31.142.191
52.18.203.148
52.199.44.14
52.49.74.33
54.175.198.118
54.93.151.69
54.93.162.63
64.158.223.140
66.155.71.25
69.173.144.165
72.251.244.140
76.223.111.18
81.222.128.215
85.114.159.93
91.228.74.226
93.184.220.66
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
013bb1de95202e40e489f72c7a9c5e3b15e20f7163487f078a675482502a39fb
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01de13a87bf28fa0a92b44ae7eefc69fce048c9ca5eb598a649b551f86505c9e
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031627e2b1467583d62e5923230cc5629a9380f899092a40deccda4298fafb88
04cbc0852faf80b98370ec34f4e2c36b8da18b2a7ecf1a5cb24c34c51c4b439f
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
07f76a04a2ebe72a0e7c355ce7e4e7616b62258dc78885d74c6fe903b6f89304
07f8f576c1548b90cfe75b37d60529274db1e2fa24158c2ebd7984945b66e70b
09f58582c4ce1789a058697d2149b4ebb0523197184ec67ff5c48340f32fa776
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c863fc135c7af37eae40fb8d2ee824fcbdbf66bf49baa187f59cedac183e27e
0d3705e2472c9be9870e7b28e512582e796b006cc3025bec72c94427210a0b5c
0d49a0aaa894d807789c575f995630a47178c2ffc42a02429356a3ced3a73b2c
116adf28abdb115d993292c9ce4761c202a7207c76e8acc0c3cfd99213bb581a
1189ccbd0346d7aeb090d8769592e0285599a29122ffd5a0a0ce9c039412387c
11d334847d698a31cf1ca32ba991bbe25728fcc6af095acb9aff484415d6416e
134c94437474a391b3f477213fa8b8f4d7435a2cf7053952dcbdb14a6f0ad8dc
136f336d0c5e8c08d6c03a973b2e8d16cf7459b71a0fb60d57aa30b7f2918d6d
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1453bf9973d7a5f036de806193894a36df7296fac0c5b9c5ad0319bbdba87953
14bc679d644ad69cf1510ecfb6ec3b27ef1d40c452900edbeeeb4658f761fa1c
15ed1dacbda492eb508ced36d2a0b0f7ba0c0ada7990e564b38e60fc16a852ae
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
16dc5edfec3c800b3cfb11b9deba2b8eb4fcda05324ae8426da3ade93b209fcf
186ef01aca1c73789f73c2f4388a26387e38e5fd8a05f4f1c3785709cec25f66
18fa61ac88a1157f1adcf1880d1062c6855751dbc5dbd231aa7469bdf24a2ca3
1d0bf89dff246831b5859a6777c8f11e3a48ed2f23bf6b4bc3b4778b1281e7ad
1efe86e6074b7b39fb12b9215d0ef280839cb3b5be8b5a1786d85b00e120b9bf
1f2a124b772e2d03edc7e430eeb89c6cdceb6c9a07f67790ffd179eeb01aa651
201b52763c14cf8a556eef38b152e7dc46b871c7693f3334982d97b1c06968e7
205ae2737b9cbdab75942d268e6b2d988f2cee77174897449814dc205b67ef31
2225afd62ab21bba128c4f5ab05706d90d1ad070ca23a4c967025fab62d97293
230849fb8e0efbdb97aaa2c77269c7d873be1a8d23a2c70a46760b1174f58012
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
26e18f9b0e4b60adcb16c2414fc48a26a72b888de86dc68eea1ddf5d21e8e796
29854d29bb5a458278a1ddb15b0e352b6e521376fddcd5621fdb0eddd0cbc9d3
2bee9a925452c1f4713bbf9b0e20a7b38f5bda0688a7251d40a7e521fd28f941
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec5732a54153490e2a9a6ea40052bb85c1d25cad483436a45574a10522a4070
315124a1c80ef3c682f34e36aca57e118ce2309c5734ef0b383e9e72691991ee
31e4ae2c47a3d43e38baf5f07a5f27cdcc36c3f85c5d3ee31931979d6f0d875d
32413cd8d96bb10561920eb59359968bee8c2445085d818c4523ad92af73960e
35081c2d3741a657479e91f528ce41aef5844c20c81d7974a916e84d9c0cc370
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
35bd60f0a8c0a5a421aeca7cd9ad272c748dad0dfded1c099c4cc5d8733fc131
38b94d14be6ce5e0f3675657743e0b888d6e87d8d51db91863e0ab89adecc2ad
396cdddcf926c2ac943117991f190e50741a31d18f63de44b3234018d5a4c237
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d
3af44ecb8aad854c925aec777222c8117ec61e91715d1fc8c1f6544ab7420ca4
3b54a2d91eb20dffe721af23f5378d01b404a936ea58cff2ddd2bd7d42eed41d
3c5bc6576b8ef55896b5eb8fcbafb1b6beaa00e33331db90bc56a93c4a0fed94
3c5e218316fa5c99201e30bdfe9c3e5044a45dcb060e14fa12d026a48a53d740
3ce7dfb9eca1da041bd460b0e3ae94c40c5ba93799cc48b445520de36a3b909f
3d1e0bae8a65dbd5daf2f64150f304213c2a541c69480e83fb0a2e2a1a40985d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
43c8b22454fed63fab8f8b06a78f6c73cf1c25189fbbff27506f758d85191e8e
45fde59e6c3998939e2171898db21d8af9c7cdfd260bc38722595efffaca032c
4685064dc487036d5f1604383df79768b73090e1d9d5a6d26a41c55b645c006f
47c2a064595a04eef284052f1c0e2a6eb32c61f04a5238d09ebca7ad16a7c617
47c3229f09a92f232ab9463fb29fa03a6676b15fcec4fe419432c08159fd2b98
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
492294eb78fb67898f1202f544c863c64aa5c79639792740af38afb59474a20d
4b5ed269529aa40268044786c0d3936d6ace2a524dea3015dc75d498e585d199
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4bcbfd05dd5bd99c264d4167f55cd4f4f3ebfd999d458a93a93562123c59a927
4d33b318991e3377aacb24f4f641a4e133d4433d7b0e61f0bbe2fee20abd1f1a
4ea2e619c99231908d6923f542c82afde953ae0680a61af7b4cfc27d93232b6a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50312b216f25ff012bcf3edc5df33b6a92a974b1dbd612cdfef9652a4e291e1c
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5571300fc085741dee82747cc9494a5f68d68cd2793e996590337633233bd633
55f98a30d9736a4ff8493ea589ceb68ce8d4612d4f21ec4d21b2de2753393285
561f57ea6eeb1d79b67d70a401e7d1f580d2234b1579bd3311572b8e0d8f8c20
5696759b7d3d53a36280590f6547b84b5fe2e5eb8a589033da5329007bcee14f
59364725933cdef62ac2c898d9584732be838248862615e2490046b1cce79ca2
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5a57a2203ae6e56c9e05e91ecfdebf81975c949687ddc6ea51f143c573b7f3d1
5a9ae4b724d5e6483a536bd17b1e73d75eb4f98cc0579e810c4f9d6c2a2c346f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ccab48f1c3eca083d98eb28d02e0c904a278187bf061452b60700300f26b8fd
5d21f6e59514e46c054dc772250efd9d5f32d2f52029e8ed0899526636aa8692
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
60a134814229e23aa2ed1da03a6c9bb606e5cf8d3f2cf4541ade9b0b8564accf
611be0baf2ea50053918643c592afe12a3ba905c564e0841f0dba8154d1d9787
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
64c7c94850bcf993b77e8f8704c00cded4a0c18580d94ebb2c5265f9855fcd2e
673ec34f7e4b5e6ba89286c12490bc794bbe4c5786c22fb0eb96045de6344112
69ba1e6b3b9b25df5e12b16007e0108a6379830a89ddc34d51fb07539f4f752f
6ac8af5a62b0600dbe8262559a94429086a4bc2d762a165521d346c6d7e918d5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
6f199810c89f705977342b9320f75b9bc35ee84b3bb7d1f59da15bd100d4f2b5
7072c25798bd9320d7fc373f555a8b0a231edea5d7ea7e816245468ec5e005f8
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
71138f095af89cc7dc457ab7d298d1c591944e5b4cf4061d12edd614528c254e
7178e1edceeb8e6ec028888acfcb8b3f8f9678911d0d0239d201992d17541fba
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
749dde7ea65e311c5879e09460045893d0c034594441e21c78bdf42a02a59462
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03
7746c1c5183c0461a0296140659b9c16d75cc4b274861ff009585bc1a0fc7142
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
795534a47cda8149a867c710d77cc20ac76f4554468e632afa23a2faa7f7489e
7957b0f9e5b5b44db55a2ba885dfceeddfae3655eaa533c09058424fab3feda7
798ee3b11097ec24ec25ddaa5573702ebfeda1c3742133e8078a287176b75f02
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7ab4f7fcb8d9e8c057d616c140dc3b17a7756ed7b81b45964bdfa130528cbb21
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ea6fac3a627c2f31b049af49f0cd8ebb384cfc5a91efa4dc3c6e1ea0af67419
7f3bc7b4be6099584627703c3a0054021b3045faca29c270dde716ed62be9537
80979b94ac7b493bd5c78d559b196de8142463ddb0b87c1ea7c0db97fb2618b8
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56
82856fcf5dfcdf1a2cc684b7d6db55430e41d6d72f8ff7bffe06719c8dd41c21
82d05798bba6af103ffb18280f2064f97177ccbaf5f5d56e505777184084cab6
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9
8517df26f4879185698dfce061af13f661f021721108590a3e3a68f234fcc3fe
854793ab5c74be01974d157673e73e7d0034bec09c10afa14ca28fc8770b528a
85919f212239c89da29326732909318c57e55ac385e9a6df9e1be00b75de66e3
859adbfc48bb0b06c58fe109db4909585fbca5df398d49185fc0f486bad1ac96
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
897211354bbbae29c006fc3a2eada1ce96279b4b0f50c87eca72764f3276c9ff
8a04e75aa24f06678db6430dc7cd3008236db0553ba6d69bd0f9e365cdb84111
8aa724b4e1fee16d0907d9e600270c6d2c5b92b92fee9dfa86739427bb41145b
8d58c751f457783137834d253633dbaebcce59931c18ad5a6dcc8b3c9bd328df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f0814404fd437b1558f0e577e5404e3d2636551a8914c0f18bb6743152b5609
8f5b01eea41b3e6c77b9291ef782277c6a8c6fd511ddd898bb960539b9afc1cd
90460476ece91e96a8c19c97102fd1425e7212ab787aeef3cf23892f1a18f999
90f7df500c530563e5246b44d964dc2e4260e0699cc5f3a951ddf0ad1fe4119a
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9251ad8e436d54be0398fe433c665125f99d4f8e28e56d27aae11c5c4c95b04e
938ec77d8622c766bd53998877ba6826b9420ba614d7f9b95fd888e98c99edfa
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
9614f6a4d52eaa5bed3bf717516848ef92fb3dadc5290a3135d33cf13a596156
9660bc3fc184263500f63203061e633f1b3048b50650f4580e5cdcc68605f7b9
96c453ce8111a7ecf20aef999147583521db637dca5e7e4cc3523e2d58385342
96e7caa17c222a2ae2c3c02399c69e3017120cbf77f389d4e78b7142c062a985
9706c1c3c631aa7f63196da4b35852a4984b7d6bd8407f83ac501180c4ade3b0
98dd141a6b8a71eca0ac179f7879d18b7fc6b6522598bc15eb4bec2d3ce0208a
98dd71dde731c6b493dce39a77e2e605f5dce3e84411f1f48c5cfcc97cf594c4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b81223c9ae18f233d049b6653984c1a40d37574ffb18f3093faed9f89de3dd6
9e773633689e3114bce010648744f723a65228e2da4a18be83b2ee1a684a8a99
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a178160505b69f923fe8a09656c6db6d39dba7edb005183426f4f0d273fd3dcb
a1c0f40e229c0b8fe57814d79102dea0f892e053967f66783f67b9c035f278d3
a2897118847c53328ba44d989951bd92a8af19ee5f47cc5f41d585946eb143ca
a2d03a54eaab2a50ce9ad558bab3f88d8fe3e5e5137ce58524f08e36957a882d
a428978ac6d6e099ebe300a285fcd25f9bb91facf7210a830b5df228524b2bc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58d6fe6ff2d86a7d6defa65c7c5d4ef552366a7b4454bb73dbe4b9dfce5d707
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6c1e57ec9947732b6b05c66c6c3022c33035cf299df4bfbcf86c412a3e6f95d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a905ccf5e6206eef0947abb5e92845a131418a008ec427eab88c8657d41886df
aa48dec78a0c69ebc4867e474e9e68d379ffdb8500710f6e13246453db63c864
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
aa8ab2153beec5132d9268e321035fbee7f935ddcf90294ceb3424f7fe3e5405
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae6d27b8e68c71ab19353ed1ce29fbfbbd640c99d5e5fd854ce4932b111bc747
af45e3a4cfd2c9518f149486d58092885a4a8a8ceb08677aa62c72f5dd0aeea1
b10f796cd4fd81dbb1a7d9c96e7e661dcc52019930b64f4e4da9c7e22646b823
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2146538296db586c0d292da53ac3f34e9e757f123f34ce511394cadb363f41e
b220108e1a2d543d5ad7e8b0357df23ff8caa23ec9b5d2967335eb30a61c6e43
b26ffbf3e283bd62b22d1fdcffa22a01365b3968d4f1e72fc30ded771e990b3e
b31c78186330f87cb0574768a97d262d1d6cff22b9965edd6ed66e545407d8a0
b54777126e9c740c61e9108b19f2e04dd8cbd15e9fd389842fb738828a1bee95
b57c56b3cce79b87247db023162b2906cef6b417ffc15abbc23a8f085ce3f258
b6233685afc11110e694e7ad31c8270c190a7cfdc7e6ec1f513b44b909822a63
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b927edf1265f2093056926ed02d2dc129ea192dc8c01419165f41ccbcf9f9024
b9919de95c42a17aa0277a1552e81c7940256876aec0a5f8332066e339fede92
ba79d2e52b5472b20bb52b1e16d8f9177872c2da393d1b14288c1849c65fd111
bac1a6a9f31b61083384eef4862389aa2136172491e615d83cfbd5c679a02664
bbbc7d59d262467d2edcf1fa496f2ab3c5cf0ef9c419e949e4971a9652750601
bd34bb6ab60052bec78b792a0645cef8212b7e9a1dcdaa5fd402d8cfa3376e70
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdcc2d96d84b3d2481ab11b76a9509c927c8fc601bcd9d191e3192901fba2231
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf860778f7876ce450231b501e81dda7cda2d16a7eab83b4cc90e954673c60e8
c1acda098d79709e6bc9164960a05ebf952f315e469c090ead0511d4a34e068a
c294981d52e77b4f57540d3cb6102146c37f100932605283af8feda953138a00
c4b7e5c41694a58d2c18eefa4d7897bdc10568fc3fc634d4d2c67f30ef732724
c4d7add0cab9dd1ba2dc9bc31591e9f7f1f1df9eff3a34ff1ffbf0b03359c6ef
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7228e8c18366eb7a1a9fe2d4ec1406b40223f30ddc1de468b32237bf326e0f1
c92ef7f4dee726ce16783eb291e298ebd77f5ffe00ddfbc3b82427600512f50d
c9671c66e5ece29de88b9499080ccafa75f547ea2c34edb347d1d239f68b05b4
c982ffd815bb6a9254d1b2a1c538e0c006254edb4576a34b72a7f1b33a229dd6
cb954ef7bc6823e7375fc1d7468666a557448274d0f289f4acc207e1c17e78a7
cc4ff7808b7926245dd76e73f8eb28e57ce0eeeb1f4713856ac8883d8a9b31dd
ceb0e23a140ca8d615cccb1abdbc2bdad2ec66f96ad2ab32ba73aa981e560c67
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf400b2e4d5124b09f91e66e3df10ab0d6d89daeceb53d127204ed732e454164
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf64a1c5fe0a589f22663a9c5766281b24d4ce079a43e73e36e68f67e8a9fa43
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d4f7712ca2d31ecf8056bfde29f31bc69ed86ff1388c5c14e134c211ec7a66bd
d6c5ee6bcce826db9a49505228faa7c52d58457ad42ac0970bdf95967f8779a4
d94cce9ec0cffd5417657d26aa1741a7e3b2b0a5f4232a80d789c1a254c4e2ef
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da0a763cb88419837ee68bec4fde133a4646df0b7ef8de75b953ee09f39c4f76
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
de67ddc86e1ebfae5a26907587b6c323e374913db5379e6782e76b5de62e303d
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df443491539f844f7cc2d51b2dcc180e4415d02fe15a050c7cb7847cdaa9be53
e07e888c40252af49d8bbfdeaba326cdd6d811cfa04fd465944da4c8da00519e
e09e03517424a8ee433640b77d9b2b891919d0a2cf4a01a5d3847b535777a104
e1f3df0344bff995d8fac523f87240b8a08e8675925438d3f3ef785e414141cb
e3174e00c2838db0ad4eef9db201439c4f76fa784b2e965e61c3957ebf4f44a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44684a48d596b56cba6492df2821b18b56fd0b488a77240d415f0eae918abe1
e55db8c8216170be34f4055ae640d88e27ece72c5483453bcfe05cc31dccc6d5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b96fb9f35d81136afe0e19327c54a84adf30b48fad7c5ee9d910662c59fa30
e85af27feceea9b0d42d59458b326b55a15841af68b54b44bedda943bf658563
e8d822877a770864a7f9f69cfb35354a7f22756dbfa278d00eaced41e2a42f8b
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
ea7fcfb5eefafcfc03481fa3e3c9d6df3d2e2d4cd46a3d0152a520d651274fa5
eacf7ceb775728a12507eabf5e1d345412c992c8e8eea84eeb7ccdce7c192686
eb4369fd4035cfcdb0909dfe5bd140d66231b1f4c6fab17c2b802a4edbf54449
eb72de3f054ecfe84350d5022993fcb749f73e81d6c3a5ba250e925f600b659b
ec34a090e12214c0b4bab7b052961a1ba19abe7d586e9e061956539b58593af6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1997c9e367340679136114a8c59155a3cf2c6746bbaad85cbac72885b3a1d3
ef3880e69c8145d9365f3c981b9a3c8a59e7d0ab3b6dec6a0b304b0d49cca5d8
f007e99aae3723e918b449d1042ce4c387b13eaa71187e12ae222f19711e8c28
f1574cd3fb6f72dc56d5486ada7e7452397d5fa6410139fd04dcfc7210a63b55
f2c535076f890decb7daa0915da7a8b1b3fe5a74ac0ccb86c109a25764121367
f39b3d6563b376a1a313c71860bf85556fd27cdc932388f9b40a8c511ca05dfe
f3aa6e81410c41bfcb0bff1627c0c39b4ca590671054f6af5984ed833c9143a2
f3f59269b56487c644969a6622e30336d2e9167da860552b4bef0f11085d1dcd
f5711e4959eb0f311e3005e867f10b2fdb68f9052d0f7534512805495efdb18d
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb6aaa9d96949e95aba43b687b608cde8ee3d6c5cfadf80679559ea9a8ea64cf
fc7839ea7f4f4b3783abe6b75401d534ad60b3f96e1e54b1d05a3e61c516d8d7
fcf83238e7fd632f6815dd0d6c1c45c5f14058b65a7ba59f16971c6e9acb64a3
fd09ce2ba5ef76b5bc65cc58011e001a25a8c591d68722f04a35d0740e344c18
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75