www.gaflaquiz.xyz Open in urlscan Pro
2a02:4780:24:9ad:b4:fee5:a15e:6e24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gaflaquiz.xyz/
Effective URL:
https://www.gaflaquiz.xyz/
Submission: On November 28 via api (November 28th 2023, 12:36:58 pm UTC) from US — Scanned from DE

Summary HTTP 583 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 77 IPs in 11 countries across 50 domains to perform 583 HTTP transactions. The main IP is 2a02:4780:24:9ad:b4:fee5:a15e:6e24, located in Meppel, Netherlands and belongs to AS-HOSTINGER, CY. The main domain is www.gaflaquiz.xyz.
TLS certificate: Issued by R3 on October 11th 2023. Valid for: 3 months.

This is the only time www.gaflaquiz.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a02:4780:23:... 2a02:4780:23:fb38:ca55:149b:7fb4:e5a3	47583 (AS-HOSTINGER) (AS-HOSTINGER)
21	2a02:4780:24:... 2a02:4780:24:9ad:b4:fee5:a15e:6e24	47583 (AS-HOSTINGER) (AS-HOSTINGER)
7	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
93	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:b800:7:6b7b:1000:93a1	16509 (AMAZON-02) (AMAZON-02)
41	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
5	2606:4700:303... 2606:4700:3038::6815:ea93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	103.231.212.226 103.231.212.226	18229 (CTRLS-AS-...) (CTRLS-AS-IN CtrlS)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 11	52.210.22.122 52.210.22.122	16509 (AMAZON-02) (AMAZON-02)
39	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
13	51.79.79.65 51.79.79.65	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3038::6815:ea92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20 30	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
7 17	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 12	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:400a:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	66.102.1.157 66.102.1.157	15169 (GOOGLE) (GOOGLE)
17	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5 7	34.242.245.123 34.242.245.123	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:223... 2600:9000:223f:5e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
50	2600:1f13:800... 2600:1f13:800:7780:af6f:8685:5ae:f455	16509 (AMAZON-02) (AMAZON-02)
5	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
4	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:ac00:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:d200:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.150 138.201.63.150	24940 (HETZNER-AS) (HETZNER-AS)
54	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:64::a	15169 (GOOGLE) (GOOGLE)
1	52.48.81.28 52.48.81.28	16509 (AMAZON-02) (AMAZON-02)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3602:d09c:564c:cd27:b30c	16509 (AMAZON-02) (AMAZON-02)
4	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
12	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2 3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.42.155.83 13.42.155.83	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.28.119.39 52.28.119.39	16509 (AMAZON-02) (AMAZON-02)
2 2	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	54.144.205.34 54.144.205.34	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
3 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	18.134.20.61 18.134.20.61	16509 (AMAZON-02) (AMAZON-02)
17	51.79.72.196 51.79.72.196	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6e::9	15169 (GOOGLE) (GOOGLE)
583	77

2 2a02:4780:23:fb38:ca55:149b:7fb4:e5a3 (Meppel, Netherlands) 2 redirects

ASN47583 (AS-HOSTINGER, CY)

gaflaquiz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:4780:24:9ad:b4:fee5:a15e:6e24 (Meppel, Netherlands)

ASN47583 (AS-HOSTINGER, CY)

www.gaflaquiz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

93 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:b800:7:6b7b:1000:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdki.truepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3038::6815:ea93 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.231.212.226 (India)

ASN18229 (CTRLS-AS-IN CtrlS, IN)
PTR: static-103-231-212-226.ctrls.in

sdk.truepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.210.22.122 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-22-122.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 51.79.79.65 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns568718.ip-51-79-79.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea92 (United States)

ASN13335 (CLOUDFLARENET, US)

targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.185.98 (United States) 20 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.151.101 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.210.244 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400a:803::2003 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.102.1.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.242.245.123 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-245-123.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:223f:5e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2600:1f13:800:7780:af6f:8685:5ae:f455 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ac00:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:d200:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.150 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de

hal90008.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:64::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6nsy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.81.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:d09c:564c:cd27:b30c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.155.83 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-155-83.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.119.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-119-39.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.95 (Hickory Hills, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.205.34 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-205-34.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.91 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.20.61 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-20-61.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 51.79.72.196 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns567732.ip-51-79-72.net

h5.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6e::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr4---sn-4g5ednsd.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
129	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com ade.googlesyndication.com — Cisco Umbrella Rank: 301	1015 KB
89	doubleclick.net 21 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 154836 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401	576 KB
77	adsafeprotected.com 11 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 unified.adsafeprotected.com — Cisco Umbrella Rank: 1595 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570 pixel.adsafeprotected.com — Cisco Umbrella Rank: 736	535 KB
59	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1136 trc.taboola.com — Cisco Umbrella Rank: 705 vidstat.taboola.com — Cisco Umbrella Rank: 3029 am-trc-events.taboola.com — Cisco Umbrella Rank: 16673 images.taboola.com — Cisco Umbrella Rank: 1923 videos.taboola.com — Cisco Umbrella Rank: 6288 imprammp.taboola.com — Cisco Umbrella Rank: 15442 am-match.taboola.com — Cisco Umbrella Rank: 15833 wf.taboola.com — Cisco Umbrella Rank: 3148 am-vid-events.taboola.com — Cisco Umbrella Rank: 15082 vidstatb.taboola.com — Cisco Umbrella Rank: 5039 pips.taboola.com — Cisco Umbrella Rank: 1694 cds.taboola.com — Cisco Umbrella Rank: 1933	1 MB
57	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r5---sn-4g5e6nsy.c.2mdn.net	2 MB
36	vdo.ai a.vdo.ai — Cisco Umbrella Rank: 23484 analytics.vdo.ai — Cisco Umbrella Rank: 22394 targeting.vdo.ai — Cisco Umbrella Rank: 25220 h5.vdo.ai — Cisco Umbrella Rank: 24763	5 MB
24	gstatic.com csi.gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
23	gaflaquiz.xyz 2 redirects gaflaquiz.xyz www.gaflaquiz.xyz	357 KB
17	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	11 KB
12	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	9 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	505 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38186 hal90008.redintelligence.net — Cisco Umbrella Rank: 263856	38 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	446 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	566 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	86 KB
6	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	29 KB
6	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4351 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	10 KB
6	truepush.com sdki.truepush.com — Cisco Umbrella Rank: 84147 sdk.truepush.com — Cisco Umbrella Rank: 109569	22 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 us-u.openx.net — Cisco Umbrella Rank: 522	1012 B
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	2 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	8 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	69 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 30616 api.webgains.io — Cisco Umbrella Rank: 91573	19 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 30346	1 KB
3	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 44040	2 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	445 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	588 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 683	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 580	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1403	326 B
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 74479	696 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	34 KB
1	googlevideo.com rr4---sn-4g5ednsd.googlevideo.com — Cisco Umbrella Rank: 81546
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304	436 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 689	1 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	146 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 795	717 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 62639	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	703 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 217997	923 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1383	5 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
583	50

	Domain	Requested by
83	pagead2.googlesyndication.com	www.gaflaquiz.xyz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com fw.adsafeprotected.com 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com www.googletagservices.com imasdk.googleapis.com
54	s0.2mdn.net	www.gaflaquiz.xyz s0.2mdn.net googleads.g.doubleclick.net imasdk.googleapis.com
50	dt.adsafeprotected.com	googleads.g.doubleclick.net www.gaflaquiz.xyz 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
39	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gaflaquiz.xyz tpc.googlesyndication.com imasdk.googleapis.com 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com pagead2.googlesyndication.com
35	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.gaflaquiz.xyz 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
30	cm.g.doubleclick.net	20 redirects googleads.g.doubleclick.net 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com www.gaflaquiz.xyz
21	www.gaflaquiz.xyz	www.gaflaquiz.xyz
19	csi.gstatic.com	imasdk.googleapis.com
17	h5.vdo.ai	www.gaflaquiz.xyz a.vdo.ai
17	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
13	images.taboola.com	www.gaflaquiz.xyz
13	am-trc-events.taboola.com	www.gaflaquiz.xyz
13	analytics.vdo.ai	a.vdo.ai
12	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
10	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com www.gaflaquiz.xyz
10	fw.adsafeprotected.com	5 redirects googleads.g.doubleclick.net www.gaflaquiz.xyz
10	cdn.taboola.com	www.gaflaquiz.xyz cdn.taboola.com
9	static.adsafeprotected.com	googleads.g.doubleclick.net www.gaflaquiz.xyz 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
7	googleads4.g.doubleclick.net	www.gaflaquiz.xyz
7	unified.adsafeprotected.com	5 redirects imasdk.googleapis.com www.gaflaquiz.xyz
7	www.googletagservices.com	googleads.g.doubleclick.net www.gaflaquiz.xyz 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
7	www.googletagmanager.com	www.gaflaquiz.xyz www.googletagmanager.com a.vdo.ai adv.office-partner.de
6	cdnjs.cloudflare.com	s0.2mdn.net
5	ade.googlesyndication.com	www.gaflaquiz.xyz
5	ad.doubleclick.net	googleads.g.doubleclick.net www.gaflaquiz.xyz
5	imasdk.googleapis.com	googleads.g.doubleclick.net a.vdo.ai imasdk.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net client hal90008.redintelligence.net
5	a.vdo.ai	www.gaflaquiz.xyz a.vdo.ai
4	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com am-match.taboola.com
4	hal90008.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90008.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90008.redintelligence.net
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	www.youtube.com	a.vdo.ai www.youtube.com
3	sync.gonet-ads.com	3 redirects
3	pv.medialead.de	2 redirects hal90008.redintelligence.net
3	pr-bh.ybp.yahoo.com	am-match.taboola.com imprammp.taboola.com
3	match.adsrvr.org	am-match.taboola.com imprammp.taboola.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	bid.g.doubleclick.net	imasdk.googleapis.com googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	a.vdo.ai securepubads.g.doubleclick.net
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	sdk.truepush.com	sdki.truepush.com
3	sdki.truepush.com	www.gaflaquiz.xyz sdki.truepush.com
2	api.webgains.io	analytics.webgains.io
2	onetag-sys.com	1 redirects 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	5994599.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google.com	8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com tpc.googlesyndication.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	pb.media01.eu	hal90008.redintelligence.net googleads.g.doubleclick.net
2	am-vid-events.taboola.com	www.gaflaquiz.xyz
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	r5---sn-4g5e6nsy.c.2mdn.net	www.gaflaquiz.xyz
2	ups.analytics.yahoo.com	connectid.analytics.yahoo.com am-match.taboola.com
2	oajs.openx.net	1 redirects www.gaflaquiz.xyz
2	8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	region1.analytics.google.com	www.googletagmanager.com
2	trc.taboola.com	cdn.taboola.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	gaflaquiz.xyz	2 redirects
1	rr4---sn-4g5ednsd.googlevideo.com
1	yt3.ggpht.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	sync.srv.stackadapt.com	1 redirects
1	x.bidswitch.net	8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	track.webgains.com	googleads.g.doubleclick.net
1	pixel.adsafeprotected.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	vidstatb.taboola.com	www.gaflaquiz.xyz
1	www.awin1.com	hal90008.redintelligence.net
1	adv.office-partner.de	hal90008.redintelligence.net
1	mug.criteo.com	www.gaflaquiz.xyz
1	imprammp.taboola.com	vidstat.taboola.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	gcdn.2mdn.net	1 redirects
1	id5-sync.com	cdn.id5-sync.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	videos.taboola.com	www.gaflaquiz.xyz
1	www.google.de	www.gaflaquiz.xyz
1	stats.g.doubleclick.net	www.googletagmanager.com
1	targeting.vdo.ai	a.vdo.ai
583	100

This site contains links to these domains. Also see Links.

Domain
popup.taboola.com
search.onetag.com
nwcw49.qmggzhj.com
tracking.mb-trk.com
rfvtgb.housecoast.com
88fd29.llsdzktnxwnnr.com
bestoffersalways.com
vdo.ai
trc.taboola.com
mustreadmoment.com
www.tippsundtricks.co
daremessage.xyz
www.facebook.com
www.instagram.com
twitter.com
www.bestfriendquiz.xyz
www.gaflaz.com
www.flamesgame.xyz

Subject Issuer	Validity	Valid
gaflaquiz.xyz R3	`2023-10-11` - `2024-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sdki.truepush.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
vdo.ai E1	`2023-11-11` - `2024-02-09`	3 months	crt.sh
*.truepush.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2023-08-28` - `2024-09-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
wrapper-vast.adsafeprotected.com Amazon RSA 2048 M03	`2023-09-17` - `2024-10-14`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 56 frames:

Primary Page: https://www.gaflaquiz.xyz/
Frame ID: 50B7A62D0A90D80C5492A9ADE05523BE
Requests: 159 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: C012973873893FF380DB4D28E73E5475
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: 27968388B29770B94596CEC3E2804C12
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
Frame ID: DFF1E0DEC700BCDB85B9CD424628F82C
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Frame ID: FE2C07EE7B834B9034767BF15EDC79C3
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&adk=1812271804&adf=3025194257&lmt=1701175007&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007216&bpp=1&bdt=348&idt=186&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280%2C360x280&nras=1&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=195
Frame ID: AD48C6A33573264E43E685D378A2177F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNU9mLlbcfJ7cJ4AgR2p4_kic_PHLw4QMEtcX_xPVx1TCAWhnzlt_hTDnRntzDrkMM_ztRTpaTogCvs5T9ygjYOB1k0UHtGT64CMIJ_v6Bdhk9S08xzHnnhuFx9xNYw8SOkPQkVFUIpFzBynxByCszUVy3tTi1M9qnXn0ik1QNCUPbaE2lg
Frame ID: B2E44EC9E3FBF33035B8FAF840505310
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWron_z0rnM8bmkV4XK3N_l62yA0iEPKsYJp3ZyalIcc0QgDnx-hIou57574Fazsn5KHG6af8p3zp5mLdTge9XQ5acqcFtvSAjWFKHAZMrT70WfNrdxMMFUFi_Sb271zR_C2S-huM8lsKYMVKVyupyEpYuo267q7oK7cgwuMilho46rXdE
Frame ID: 5175EACD22A01E37895590292EDBFF1A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E19B55F1B11027F9DDBE2CCC54B8B6C1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 43DBDE524E9667B2248606DD689C63FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1B52C374ECC2F72B94549FFCEDB18A6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DBBD9FE4DC236A9AB820A11078C348F3
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVpuoTpvI0n2h4IPIXGzc_bDxhlYmdfpRGjUuaC83nN1FlwTQOYRXCPTyLHhKkCxSDjvQogvKEloTFnygH8TNO6VMw2AiZ8McD6U1wDR9H-2seg-YKdw8KRZDGQqrBDjP-3bIJUJ8vEUB5u4fDpGVHk6kuXYBnxsDUcj9cUAZ904-81tWc
Frame ID: FD096C6CE941694944B24436E56262B1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B222BA48845E93A12C10D0A27D1918E0
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNX2ABD-kQtjr0LkTAFY1BxCT87fjEjoU4aU8yiAMp8a_OzBwLFTRSb8QfQQdOmXWzaXFDKfaiKX2IsgZheiYjr-X1DEEBJOsGBneio2Gt_a22hqvWB_shpNm4nI_CX7Bbg1eBnoc71JfDw4xlJkgJox0NWSTncDrrKMnSQiM_p7TRNxN1g
Frame ID: 3E2F742E0BDE7D1C6E6CB575454AB0A7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EC1874263D233898054C00552B52BAF0
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNWWqbB_FPRI5kWSbuk4noPIahAfCC5DRSVhk89WYU7ppm5hjHCVffUOnrxxGHB_BjrboPixK2m_GCH3dw7-b_movoxzTwP1pZOyH1hdaVx7s5GD9_c9BOPw_y3yvJ6vFQuzY_SUlp7tYOuFa8mCq7xqocaCEmQTf_VsC3BSWV0tdosc60g
Frame ID: 6B874F957EDFA6EE53EE23F0CED09071
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C0960CB9DFC38C9D147A957472DF431A
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 4C860612A84D6136B78253B4B126CB2E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C2CB45F219CEA317C0927A571A2F9A7E
Requests: 3 HTTP requests in this frame

Frame: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7961BAC70DB35D6E7CF72708CE13254
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 61D970859A4D374CC84AAC541DC7ED22
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: D389DF1284D0E3C808A9FDC270D8D430
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&cmcv=&pix=undefined&cb=1701175008651&uv=148355465&tms=1701175008651&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=a3681b2f-be07-4848-9b64-e8f97f5a9f88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 5282020819958EF0D6F831B665E5A092
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FA6CB140F06E174222F91F90518007E6
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.gaflaquiz.xyz
Frame ID: 7D210982F8407F0BD87D013BA15E945C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
Frame ID: 7883B3D5D5B7E82B64D49FE5BFA9284C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 8C25FB9875946ED89DD5E2A0FD7E2AC6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5F1CCE21DC5847F5E656E6952833AEC2
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3D035BF5C9173A9B9E874767587A8617
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: A74B05651D6898D57585765CCF311916
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1885E58A91FE8414233BCA505589497D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
Frame ID: 1AE16AE9733C12B4B1C469956425B2B3
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CD7FE9A945F872D2889378F77F701C31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BE29E267D991C25844CD1FF36C6523A6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
Frame ID: 13630308CF2538F910E57D9BFCE66622
Requests: 14 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 296AEF53A6F7FE183BE942BE0D2F73A6
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 150EADDD30A5D3A9BA4F9E82B0F1AA21
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2DDD5C1D8F227BE86B8738A580859F5F
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 91224AFD86888809F1E36AD33FC15386
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7D02848C7B36E751A050E01ACCFC0FF1
Requests: 1 HTTP requests in this frame

Frame: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F95E414B9D3B454961C36053B31025BD
Requests: 31 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F9B47F648CD3EB164196077DB618FD02
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNVzt-pyBTd9hG_WZ5fCDo52z4nelCm-uGBUpXzsoU5LMuv6w02MKmQkbA4e7_ZxASDVnxu3G5FNx6kdGzsrFoCCL5K1lFFTtiBI1ojRXuMjV7JQvzLFoyqZeKCULqCczmI3H2bzLnKFmJ_cvEUhJHm_sQIbzpCxjJiIn2JWCqUFUGFZehkSCPtGCzvZ7GgPGRfRt1BGYlTA1kXz-FhkTbCSNeUBMg
Frame ID: D6E85BC905CA75D688FF868C850ABD50
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
Frame ID: 6116EE033517F240722A00813F4C0EC5
Requests: 7 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656
Frame ID: 77B23F81245A38FE935F03D865F0F42F
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04
Frame ID: 45036E1454B9D508DAB90D0402DC51C3
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 88D55377C738F08EC9BA6C8993F20F0D
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6DFE36154CB7B6A2F0FA7D7D1FE79998
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 564F810C2D0FCCCC831A2EB934AC548F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
Frame ID: 67EAC5F21E2016F594E76F25C7ED7866
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 6E12E45690C008370AA71081768760ED
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6E8C35DE8F28DBD5AE0264919A209D3D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71526C04C686D77A46A6843512ADE6F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A7FC709D841DE870D7B11199263405E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 4EA775C50A57C13029F57FEBBCF4B7C0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gafla Quiz - Love Calculator, Friendship Dare, Whatsapp Dare, Secret Message

Page URL History Show full URLs

http://gaflaquiz.xyz/ HTTP 301
https://gaflaquiz.xyz/ HTTP 301
https://www.gaflaquiz.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

583
Requests

92 %
HTTPS

47 %
IPv6

50
Domains

100
Subdomains

77
IPs

11
Countries

13339 kB
Transfer

29424 kB
Size

40
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=secretmessage-gaflaquiz&utm_medium=referral&utm_content=thumbnails-below:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://search.onetag.com/search
Title: Buichhaltungsprogramme | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://nwcw49.qmggzhj.com/
Title: Antifaltencremes | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://tracking.mb-trk.com/
Title: SUV Angebote | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://rfvtgb.housecoast.com/worldwide/auto-hacks-autobesitzer-ta-ge
Title: House Coast

Search URL Search Domain Scan URL

URL: https://88fd29.llsdzktnxwnnr.com/
Title: Elektroauto | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://bestoffersalways.com/cf/r/65415df76b473e00197f8133
Title: Treppenlifte Preise | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://vdo.ai/contact?utm_medium=video&utm_term=gaflaquiz.xyz&utm_source=vdoai_logo

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=secretmessage-gaflaquiz&utm_medium=referral&utm_content=thumbnails-right:Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/secretmessage-gaflaquiz/log/3/click?pi=%2F&ri=2c1fde698da3f3e8340e9e640e7650af&sd=v2_234532c2daf90f5c5bd288120ec3e8cb_2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f_1701175007_1701175007_CNawjgYQj8BWGP2zuq_BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABoi7KQoMnujt4ucAA&ui=2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f&it=text&ii=~~V1~~-5602559405384189683~~yAjXuzUomIOz0UW3evF-sXusLvzymXRea6Cj3MOB9s43wOLd7oDEDwhx6AIn0BIe8SMWcidVX_lf5kXyk8dgwHRWjspL8jo6Fo3VBOY9U_GFnAQIAgTexK56Uo4AOCynTZmfHmbmRr17o5Ad-JuTyCJlE4JDOSlHPk-_ybC02U0&pt=text&li=rbox-t2m&sig=993d9d5b35584b0a68761b5b519bcf118276618837b7&redir=https%3A%2F%2Fsearch.onetag.com%2Fsearch%3Fq%3Dbuichhaltungsprogramme%26source%3Dtaboola%26tbc%3DGiBdLEtERm8LpV5YYNO1VbFf3lyM3BKji8j-LFaTjtiHGSCyx1EoxsLsyOHiyMO1AQ%26campaign_id%3D29388190%26site_id%3D1417231%26ad_id%3D3843055765%26t%3D1%26m%3D0%26pa%3D1%26st%3Db25ldGFnX24yc194bWxiXzI1OTBfYm9vX29uZXRhZ3NlYXJjaA%3D%3D%26n%3D1%26c%3D1%26cc%3D1%26pal%3Dlist%26pap%3Dbefore%26h%3D1%26ts%3D80%26cc%3D1%26rnt%3D60%26tblci%3DGiBdLEtERm8LpV5YYNO1VbFf3lyM3BKji8j-LFaTjtiHGSCyx1EoxsLsyOHiyMO1AQ%23tblciGiBdLEtERm8LpV5YYNO1VbFf3lyM3BKji8j-LFaTjtiHGSCyx1EoxsLsyOHiyMO1AQ&vi=1701175007741&p=onetaglimited&r=76&tvi48=10143&tvi50=9864&lti=deflated&ppb=CNUE&cpb=EhIyMDIzMTEyOC03LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE0NjiAtMvLDUCb4wlIhIoQUNTJ2QNY____________AWMI0DcQn08YMGRjCKo1EIhNGDJkYwjN__________8BEM3__________wEYM2RjCNcWENUfGCNkYwjSAxDgBhgIZGMIlhQQnhwYGGRjCIIvENY-GAlkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogBk_7figKQARyYAaa0uq_BMQ&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://mustreadmoment.com/cl/22126-de
Title: Must Read Moment

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/secretmessage-gaflaquiz/log/3/click?pi=%2F&ri=2c1fde698da3f3e8340e9e640e7650af&sd=v2_234532c2daf90f5c5bd288120ec3e8cb_2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f_1701175007_1701175007_CNawjgYQj8BWGP2zuq_BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABoi7KQoMnujt4ucAA&ui=2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f&it=text&ii=~~V1~~-3686983308041551352~~bHyzVGUzKd-yTaU_6WnQIWEwOXRyOHGPJjVTg3GH8hfnoZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgwvFg07WPu7ezROxGyxYeqU9BtHnD4kz5usEWVzFLAYCOEg_ePpF4fXVGOIeWbSMFExlnNI0DHuIdQ7F0i4Pu1cGhN4iu3mzH_J0OL2fZJPMbfRy6_lOeER4Xej-0iqi70irk7qOXwrzn9b2gkHue2C&pt=text&li=rbox-t2m&sig=c0b5d1baee8898de0638b63c671e3d1b3f94bab2f55d&redir=https%3A%2F%2Ftracking.mb-trk.com%2F%3Fflux_fts%3Dticxqqpozoititxzzaqetzzoxpziixotzqollpcd8958%26tbl_cid%3DGiBdLEtERm8LpV5YYNO1VbFf3lyM3BKji8j-LFaTjtiHGSCA3lAo4oXVxLiM_ObTAQ%26site%3Dsecretmessage-gaflaquiz%26site_id%3D1417231%26adtitle%3DNeue%2Bmobile%2BTreppenlifte%2Berfordern%2Bkeine%2BInstallation%26platform%3DDesktop%26campaign_id%3D27487140%26adid%3D3730572680%26creative%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252FIMAGE_UPSCALER%252FEIU%252F167aae77-f249-4e87-aa2e-90ede9463481__cK6e8Zid.jpg%26campnm%3DTaboola_StairLift_All_DE_27487140N1_All_Mcon_TN%26sitenm%3Dgaflaquiz.xyz%23tblciGiBdLEtERm8LpV5YYNO1VbFf3lyM3BKji8j-LFaTjtiHGSCA3lAo4oXVxLiM_ObTAQ&vi=1701175007741&p=perionclientconnect-12-tonic-sc&r=34&tvi48=10143&tvi50=9864&lti=deflated&ppb=CNUE&cpb=EhIyMDIzMTEyOC03LVJFTEVBU0UYASCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDE0NjiAtMvLDUCb4wlIhIoQUNTJ2QNY____________AWMI0DcQn08YMGRjCKo1EIhNGDJkYwjN__________8BEM3__________wEYM2RjCNcWENUfGCNkYwjSAxDgBhgIZGMIlhQQnhwYGGRjCIIvENY-GAlkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogBk_7figKQARyYAaa0uq_BMQ&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://www.tippsundtricks.co/gesundheit/finger-persoenlichkeit/
Title: Tipps Und Tricks

Search URL Search Domain Scan URL

URL: https://daremessage.xyz/?pfrom=gafla

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gaflaquiz

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gaflagames/

Search URL Search Domain Scan URL

URL: http://twitter.com/gaflaquiz

Search URL Search Domain Scan URL

URL: https://www.bestfriendquiz.xyz/?pfrom=gafla
Title: Best Friend Quiz

Search URL Search Domain Scan URL

URL: https://www.gaflaz.com/?pfrom=gaflaquiz
Title: Personality Quiz

Search URL Search Domain Scan URL

URL: https://www.flamesgame.xyz/flames-calculator/?pfrom=gafla
Title: FLAMES calculator Prank

Search URL Search Domain Scan URL

URL: https://www.flamesgame.xyz/
Title: Flames Game

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=secretmessage-gaflaquiz&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en
Title: Ad

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gaflaquiz.xyz/ HTTP 301
https://gaflaquiz.xyz/ HTTP 301
https://www.gaflaquiz.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECeYd6GPCp8M2aG7ItULUWc&google_cver=1

Request Chain 62

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC4HkPI7lmrVGjTrkhmZ_v4&google_cver=1

Request Chain 64

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 66

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Request Chain 68

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Request Chain 163

https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7GaFi9872j6ZNbAx92aWkPUe--Wk9NPGhHwpu5CyrxoPwy2W1khgTr3U_0Wr2H7Qlcrlr6_m98797kXjUpPvFVJvm3ZAxwO59GE-qxG_XuWugqAdvmskBYOsrrgsoRYS-RQAoCZ_4LkOtTZwUYJC8WH-z4oal2al94F2LCeqAmkPBQ9kET9LMDCrHdR7xnyzp-0-PXyB7AMq7xGxzhES8nQwTdTCiVaqxsKrc8znqKUgVo_wW-ymAE871NOuy_ybWh_xvancMr1yJyhNydSicuYRKStr1fqaZ72tSRq--iT5HSVWt5ewW784HJjFfw2N86u9mSTvFHAc7TlyUvG3lZoDj2fzSLgn6holYWzOfA0r8Ew2i0ic7babhGNQFhLDB8xWbz_q15yh5IOIKhXJWAGI2eRwfh5aU7jgBPvLoB1QWUtIHBwHY8GSqy4fKRyxGYzgcFFnaXHMPzyJ5M7LG61tbzW-Hj3tFiUi3Q-Y7pLbG5uySgkcJYDCSfHfi7fNbskceSI1BoKclHySTtXlxAJwk9YOHOIHt9zSgDpvnykK_Rgus0nEC0ZgUQ2gqwDxqKRmtwqEYDPTtpbBYHL2t4-n-CE2wgtmK9mjA-Ih0Bhvamyo0D0lSYWgGVWw8UQkN3N0hHlHPgDUa8AKRsBw4YRH_FBZQc6Lswn8zFXKvuHN9KLUXtWhigjVNJFWVnSH7bLYwWd09i7cYmuKb7Km_jWZpSo_zHX1oZrDe7WGS4w4PWrZbpzCK9f0BJAvfYgYw5KbWWYn_tV0W4io8w_pV7THtiKKi_f6-EmX5nrd33HYK42fCcUmG6gTNAiJFFUBQnuPXWriOZMpYztEJMtbDkL1dMjYvutZ0s3cOrkItninwyd498ZHYe3N8Ea9QgkzkCLQPJl9bruotV1D2sF2NM-WWUXV_8BA4QrFzCno49xAGT-_4Wm98zumnlq_kKe9MJm35dFPGsFOtywHkMiUwxf4p0AHPJJNPpAji8GPjafL9_1fhvulqUPHj0_eGqd-PYU1_JbnGgVZO_fbG4D87cAoiVxMmoSb9IMtsQxF93P9gi1RBgA6c_lLNC13b6JDmrjjLKuyWhy-SuKpfvdqhUHe8gbkxZ_kjnCzqu-6Mo4atHv2a72J3d0PbdlDK1ArPWlqk5L4O-cQjAsRr1eDFKrZAtUf3SjBx-EWb40N2Ni410U3ZWJNIixSv6EoI3A5qfLabuf0QXQ_iPv6r2OuRGWMMp92KOwveJ9R8hyZCdWZFmqKzQR_nGKHbhB7u5ywqokrU8t9w1K9VXsn15KsaZnBzohO4-Pk76_SP8Qh1vmSqoXcspYz6YDQ-lnEL1cF6u2h7v7hRzddpRyEXtZGKFCTDKraA6z9bJTJn2DEjgXYWCvIpioiaW6A-xjDYPCpghJhp3d1hhjjfi3Sjm1c1xA3Wmrj35LYyC9vWzBpBuG9VVgBPai-G95LZIBp2NnayY3wen7k1qguXkciDnDI3vGuUZfw7o6Y8aReP973duUzd0zyqRTv7gl4beOppS6mKubk_aERQVEC9Sol1HrxCVa6t4mki1765xQF2z9CEqBPg4iqWoKpPWrJbakNpNoodZsfM_cguglWas8KK9zHWxKQNO-25WJ6SwTRcO3SEQV-BPHnS3wFAZru0R7e1S3GtzK1SvpvjmcZ29nrs7h0dBYA8h7Ryx2IUXqgPG1DfNVG_UK64NL_9KStoHB_HJs9EhsgxpHoYBN-_Z6V8kTqmy3frs-AJ5c7qMXCNG6iK4TdDoG0CosoE_h9W9kEwyo_vHfP6cW9y7ymX6AIA0MRb8oeEr-_miPU24cJktnsk1-mi4Fo6fXxQ_ir1XPOwglQR7SqR2yEzBPVyVqA5aQ5Vr6Q4_Bz-rHkgKW1hPD3TfZ0OiY0u9i8ilAOsc-ZzEHqDMClUvJjEjVk-LRuh4wjz5VHB9rGqDUExSJIjTsqnJOLrH6rTQF6sYPuyVWs_UxvnKKXVNr5qQ20C1--_FRBPs5lmnkNQoLvR5yBfDa1JlxkECo2YtD98rsMSeC3Lo4_xSxXtiEZyWjNFeSxmf4P2zLtK-pAlaGoMaxJbCwoKLb6J16AOnl-VvJ4H_o7_rf5l8iqvkPgcNzUv0YUxxbkv4wLO7MI41U3juLQAAydWByt6o4GldOD7tCTmixhYwfsvArM1_vwL0PQj0-wgXM42X1HbdaSI5q5cLLA0NiAibR0JGxSGuHZ_Fv3O1OLTHmF4IPoWFDSMMURi55fiz-992DYFrhbz85x1RMN2eHUjIQUWSYZm6mUMvQSLnwSbG3WJzeHzm_B7MEQiC5MpB1XVbwgmhBSlP5Q6Np_hGt7QcuLh_T-zRhaj3EsfFMYgguOhdNtGt9dAvkWQ5LtbIQtJ77z816mGc4mqsGSUVtwy2CtHL54HkiMJNxADU_bmLn066-91LBRStuDTr6wOb5QdAmI3A9fkIG76n6t_QyRy7K04mKgLdNZB7_XBFfHc-ZRWiCEEnDFKIUvG1Df0S00A2YPm26MXJ0OnEWgnX3pXvV6PPMrLIsXrPUUmj2YCsH6cO47lqO6FVblNAX4aDCb4QBqebI3hBCqfe1fRwXlii_9fbHJ9JtjsF3QGGcUtGs1optSMtqxSdSZQR6kO9wYUJM7m4Qy6bTZPHtDPL3F-1YVA0BaK-N4PADyDCE1rNbomQ5oNpyE41N0Jab_hvyPPDd-MPr4gwDcOgzXI2WrpcN3gB1CnEMWzgFQ4J-l7wYrBBSl2GR7Bx83C7R0XIWROsAT1SyXzd7RYQUp8OGXUcbCX5oYzumeOzVTl8K7iHMDmJjcnZRY2ktsaMkpp0ZADMYUMEZNLmnfEFCbXin-MJM8XOKjqcAuDCIYJ8BGDLF9fSLLXiGt2MOSpj9iC-1FGpvoTAptWssdlxb-JHcG4AQZ9JoaUC9SK_c1YqMOZ4bPEE2KzHyEadlkiAj7tB6lvkynh_6nL8kePYs9MBV6cxhA7dWFMpueKkn17mxOutNbDykMlkcvVCVChyIqq-VgXI5mYbiiUgNahTpdnp_1MnkhTmFnAqxl2ekszBZPUA0WDND5KjhpcTIlkdQMN_YRMlOvZgYu3gt6wAayEgOShdVK0OIvnbjHckghu7FtXrQVTxvEeTzSH7ODg06fnIBRrUzGYGfEKEF0O2rvyOGawdMumuYVvNtkal8-Tc5Aa8LKyoy9GH29n7vZsDpxL-0BiX5JSMjicOE4ldCJoY3J0LX_n72skQb8Z9ZRxHKHykzUseQXWp2t97tNUUN5Y5dq0CXYViEhK2SyDWDknQigNZfdViBCqMz4zgu-5BtyMjbQqzCmIW623IIRdaqsMv7DaYlmqlBUSmoja_k2HCdZEhL7t9liCzRtGm3Rp30NvaTgQFKfajVzEVCzPs4lLsbNJpLrFmU6kHwlW6BRIeij66kWoiD4Yx3j04eekvo0wlCxFSIS9NMZf90-mhVjuJbvGeEnNz7j-5E-VpM0VxceoZtRH5CiTRsZfJ8dUvVlisVRKQBLLvR5YfoOEk3050zaCs6NGgenRKMh4wEF6wM5AXaO23K47pCPHHC138tGu_mxAm2w5dLlu-LMusEkYnWaz8AzGc7y9hZuoqKLMWWP9m9ADR6cO6HYCaiBckG1rB8UCqPOX4d185UX4T_HNP3hFrXIMxDOwurX6GLQCSWqS8cUjmfFUNk2gQUHQRpVCAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20118583893&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g7PQ8r_W1GGJQIOqhpKqR2&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2462751652998210%26output%3Dhtml%26h%3D280%26slotname%3D7647785186%26adk%3D3458766646%26adf%3D734745017%26pi%3Dt.ma~as.7647785186%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701175007%26rafmt%3D1%26format%3D360x280%26url%3Dhttps%253A%252F%252Fwww.gaflaquiz.xyz%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701175007200%26bpp%3D1%26bdt%3D333%26idt%3D198%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C750x280%26correlator%3D8115316249199%26frm%3D20%26pv%3D1%26ga_vid%3D344698243.1701175007%26ga_sid%3D1701175007%26ga_hid%3D2132356980%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D118%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C42531706%252C42532524%252C44809315%252C31078301%252C44807764%252C44808149%252C44808284%252C44809054%26oid%3D2%26pvsid%3D2450216882897498%26tmod%3D708313881%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D200&adsafe_type=d&adsafe_jsinfo=,id:c8985277-ad2d-bbc1-e794-f48fee1f98d1,c:vgJBz6,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-kvnrs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C1811%7C1911%7C1a1,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:cc0b729a-8dea-11ee-bb56-56c29d3db588,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7GaFi9872j6ZNbAx92aWkPUe--Wk9NPGhHwpu5CyrxoPwy2W1khgTr3U_0Wr2H7Qlcrlr6_m98797kXjUpPvFVJvm3ZAxwO59GE-qxG_XuWugqAdvmskBYOsrrgsoRYS-RQAoCZ_4LkOtTZwUYJC8WH-z4oal2al94F2LCeqAmkPBQ9kET9LMDCrHdR7xnyzp-0-PXyB7AMq7xGxzhES8nQwTdTCiVaqxsKrc8znqKUgVo_wW-ymAE871NOuy_ybWh_xvancMr1yJyhNydSicuYRKStr1fqaZ72tSRq--iT5HSVWt5ewW784HJjFfw2N86u9mSTvFHAc7TlyUvG3lZoDj2fzSLgn6holYWzOfA0r8Ew2i0ic7babhGNQFhLDB8xWbz_q15yh5IOIKhXJWAGI2eRwfh5aU7jgBPvLoB1QWUtIHBwHY8GSqy4fKRyxGYzgcFFnaXHMPzyJ5M7LG61tbzW-Hj3tFiUi3Q-Y7pLbG5uySgkcJYDCSfHfi7fNbskceSI1BoKclHySTtXlxAJwk9YOHOIHt9zSgDpvnykK_Rgus0nEC0ZgUQ2gqwDxqKRmtwqEYDPTtpbBYHL2t4-n-CE2wgtmK9mjA-Ih0Bhvamyo0D0lSYWgGVWw8UQkN3N0hHlHPgDUa8AKRsBw4YRH_FBZQc6Lswn8zFXKvuHN9KLUXtWhigjVNJFWVnSH7bLYwWd09i7cYmuKb7Km_jWZpSo_zHX1oZrDe7WGS4w4PWrZbpzCK9f0BJAvfYgYw5KbWWYn_tV0W4io8w_pV7THtiKKi_f6-EmX5nrd33HYK42fCcUmG6gTNAiJFFUBQnuPXWriOZMpYztEJMtbDkL1dMjYvutZ0s3cOrkItninwyd498ZHYe3N8Ea9QgkzkCLQPJl9bruotV1D2sF2NM-WWUXV_8BA4QrFzCno49xAGT-_4Wm98zumnlq_kKe9MJm35dFPGsFOtywHkMiUwxf4p0AHPJJNPpAji8GPjafL9_1fhvulqUPHj0_eGqd-PYU1_JbnGgVZO_fbG4D87cAoiVxMmoSb9IMtsQxF93P9gi1RBgA6c_lLNC13b6JDmrjjLKuyWhy-SuKpfvdqhUHe8gbkxZ_kjnCzqu-6Mo4atHv2a72J3d0PbdlDK1ArPWlqk5L4O-cQjAsRr1eDFKrZAtUf3SjBx-EWb40N2Ni410U3ZWJNIixSv6EoI3A5qfLabuf0QXQ_iPv6r2OuRGWMMp92KOwveJ9R8hyZCdWZFmqKzQR_nGKHbhB7u5ywqokrU8t9w1K9VXsn15KsaZnBzohO4-Pk76_SP8Qh1vmSqoXcspYz6YDQ-lnEL1cF6u2h7v7hRzddpRyEXtZGKFCTDKraA6z9bJTJn2DEjgXYWCvIpioiaW6A-xjDYPCpghJhp3d1hhjjfi3Sjm1c1xA3Wmrj35LYyC9vWzBpBuG9VVgBPai-G95LZIBp2NnayY3wen7k1qguXkciDnDI3vGuUZfw7o6Y8aReP973duUzd0zyqRTv7gl4beOppS6mKubk_aERQVEC9Sol1HrxCVa6t4mki1765xQF2z9CEqBPg4iqWoKpPWrJbakNpNoodZsfM_cguglWas8KK9zHWxKQNO-25WJ6SwTRcO3SEQV-BPHnS3wFAZru0R7e1S3GtzK1SvpvjmcZ29nrs7h0dBYA8h7Ryx2IUXqgPG1DfNVG_UK64NL_9KStoHB_HJs9EhsgxpHoYBN-_Z6V8kTqmy3frs-AJ5c7qMXCNG6iK4TdDoG0CosoE_h9W9kEwyo_vHfP6cW9y7ymX6AIA0MRb8oeEr-_miPU24cJktnsk1-mi4Fo6fXxQ_ir1XPOwglQR7SqR2yEzBPVyVqA5aQ5Vr6Q4_Bz-rHkgKW1hPD3TfZ0OiY0u9i8ilAOsc-ZzEHqDMClUvJjEjVk-LRuh4wjz5VHB9rGqDUExSJIjTsqnJOLrH6rTQF6sYPuyVWs_UxvnKKXVNr5qQ20C1--_FRBPs5lmnkNQoLvR5yBfDa1JlxkECo2YtD98rsMSeC3Lo4_xSxXtiEZyWjNFeSxmf4P2zLtK-pAlaGoMaxJbCwoKLb6J16AOnl-VvJ4H_o7_rf5l8iqvkPgcNzUv0YUxxbkv4wLO7MI41U3juLQAAydWByt6o4GldOD7tCTmixhYwfsvArM1_vwL0PQj0-wgXM42X1HbdaSI5q5cLLA0NiAibR0JGxSGuHZ_Fv3O1OLTHmF4IPoWFDSMMURi55fiz-992DYFrhbz85x1RMN2eHUjIQUWSYZm6mUMvQSLnwSbG3WJzeHzm_B7MEQiC5MpB1XVbwgmhBSlP5Q6Np_hGt7QcuLh_T-zRhaj3EsfFMYgguOhdNtGt9dAvkWQ5LtbIQtJ77z816mGc4mqsGSUVtwy2CtHL54HkiMJNxADU_bmLn066-91LBRStuDTr6wOb5QdAmI3A9fkIG76n6t_QyRy7K04mKgLdNZB7_XBFfHc-ZRWiCEEnDFKIUvG1Df0S00A2YPm26MXJ0OnEWgnX3pXvV6PPMrLIsXrPUUmj2YCsH6cO47lqO6FVblNAX4aDCb4QBqebI3hBCqfe1fRwXlii_9fbHJ9JtjsF3QGGcUtGs1optSMtqxSdSZQR6kO9wYUJM7m4Qy6bTZPHtDPL3F-1YVA0BaK-N4PADyDCE1rNbomQ5oNpyE41N0Jab_hvyPPDd-MPr4gwDcOgzXI2WrpcN3gB1CnEMWzgFQ4J-l7wYrBBSl2GR7Bx83C7R0XIWROsAT1SyXzd7RYQUp8OGXUcbCX5oYzumeOzVTl8K7iHMDmJjcnZRY2ktsaMkpp0ZADMYUMEZNLmnfEFCbXin-MJM8XOKjqcAuDCIYJ8BGDLF9fSLLXiGt2MOSpj9iC-1FGpvoTAptWssdlxb-JHcG4AQZ9JoaUC9SK_c1YqMOZ4bPEE2KzHyEadlkiAj7tB6lvkynh_6nL8kePYs9MBV6cxhA7dWFMpueKkn17mxOutNbDykMlkcvVCVChyIqq-VgXI5mYbiiUgNahTpdnp_1MnkhTmFnAqxl2ekszBZPUA0WDND5KjhpcTIlkdQMN_YRMlOvZgYu3gt6wAayEgOShdVK0OIvnbjHckghu7FtXrQVTxvEeTzSH7ODg06fnIBRrUzGYGfEKEF0O2rvyOGawdMumuYVvNtkal8-Tc5Aa8LKyoy9GH29n7vZsDpxL-0BiX5JSMjicOE4ldCJoY3J0LX_n72skQb8Z9ZRxHKHykzUseQXWp2t97tNUUN5Y5dq0CXYViEhK2SyDWDknQigNZfdViBCqMz4zgu-5BtyMjbQqzCmIW623IIRdaqsMv7DaYlmqlBUSmoja_k2HCdZEhL7t9liCzRtGm3Rp30NvaTgQFKfajVzEVCzPs4lLsbNJpLrFmU6kHwlW6BRIeij66kWoiD4Yx3j04eekvo0wlCxFSIS9NMZf90-mhVjuJbvGeEnNz7j-5E-VpM0VxceoZtRH5CiTRsZfJ8dUvVlisVRKQBLLvR5YfoOEk3050zaCs6NGgenRKMh4wEF6wM5AXaO23K47pCPHHC138tGu_mxAm2w5dLlu-LMusEkYnWaz8AzGc7y9hZuoqKLMWWP9m9ADR6cO6HYCaiBckG1rB8UCqPOX4d185UX4T_HNP3hFrXIMxDOwurX6GLQCSWqS8cUjmfFUNk2gQUHQRpVCAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAWAB&bundleId=&ias_xappb=

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 175

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Request Chain 177

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 179

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Request Chain 181

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 183

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Request Chain 185

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Request Chain 213

https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6nBf395lZazHH8Cg998Ph5K-4AWm5b2gaYWVnKfJD_AuEAEgzf-HfGCVuqaCsAfIAQmpAgO3WWv6X7I-qAMByAObBKoE7AFP0ExO4ep_ejo3CNgmlxlt0jPFrozQw_9d8x3Jl7MmoIZneqS8_MpEu-bo4KgvmVidlbfabaf2jo6p77_sPD5xUOtAUpzrhvpsiB1djOGMgNy_Cz6H9gDaEb9njOUmdgMLMm2K41w6b822ORyT2_YJb84IWfnqxcktMQHljPgTcDTre8xF9L5LT3v9K9l3igydIr2n2wz5qyG54LNp1YaUs5nBBWPdXLL5l1L3jDo9utnT4Rbv3X7Dib-0t9A37rtaqdj1lVzniCRtJvvOx369EHJ4QJX1gpN1mWU4uiNmeZlEeb5eVH6awcF9KcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB%26sig%3DAOD64_24fUfVLbd7fF5gD1oHtqAYs_MNpA%26client%3Dca-pub-2462751652998210%26dbm_c%3DAKAmf-BxAiQs7zW-uW0agVvsgVJElD2gM07K3SLHODsjko4wycpOJoOSzAPiPaeh8u6JwgU4mgpl9gb4ibvrynHgCuwpPrYwo_vrcgvmsuzvR3kT0aDNkEzzc-LFe2wCsCUllEt1aVoikxIpvnx2if-Pd9Q4H2R4duHWdsWVvHYtb7_1qWxourY%26cry%3D1%26dbm_d%3DAKAmf-DGsPUCpKGZqG5b-GlsVXi4nudm4ibIJKXcg3KCptgQ5hcPHb12BlK-De3kqloylHqxIP3-8RtUECZk2V1rX05hVaCedo1xu0U3ex-DboypxtqTo4xYZD4BVRc6uULMfyFYf7fepDIZhkyHyf0JY3qQmUaWPKCUukjnUV0xLiJH1J1GR05GtIVbXn1Tc1VRpMLWTQ7xEhK61GeXXXacDNXoTUCLkY8C9ORxAsxzfMPJlE-W4Z6RE8FIZxxxwewswjh50lHyrBMmvClguV9lAMaN2dNiZ4rZN_lIOyCRjWfBPqXpm04ZC3Hlfvu4CxSWHJaQxfe0EGGo32fpWFDYBWq9lmFvP8LcW95Oh44SO9_uJkMjDWNLHDO48zuf0LyPCyG4klUQFcBmQerfiE1Vx-D21fFBX5ZtvO4QDkeZzvEDCzkP-SgXC3mfz7uJlIB2k2w3Q03k2pI03IKOKqkAFoBPgQis_KBRs3ZUAYHItzJgMTI_HBfBy7jVwpNh2HA-8IBTaQJn9U6MVtEk2w94tiafLYqqiSJMzzdQlNmaSM-YtRXD_WU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ancestorOrigins=https%3A%2F%2Fwww.gaflaquiz.xyz&random=8772794025753&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6nBf395lZazHH8Cg998Ph5K-4AWm5b2gaYWVnKfJD_AuEAEgzf-HfGCVuqaCsAfIAQmpAgO3WWv6X7I-qAMByAObBKoE7AFP0ExO4ep_ejo3CNgmlxlt0jPFrozQw_9d8x3Jl7MmoIZneqS8_MpEu-bo4KgvmVidlbfabaf2jo6p77_sPD5xUOtAUpzrhvpsiB1djOGMgNy_Cz6H9gDaEb9njOUmdgMLMm2K41w6b822ORyT2_YJb84IWfnqxcktMQHljPgTcDTre8xF9L5LT3v9K9l3igydIr2n2wz5qyG54LNp1YaUs5nBBWPdXLL5l1L3jDo9utnT4Rbv3X7Dib-0t9A37rtaqdj1lVzniCRtJvvOx369EHJ4QJX1gpN1mWU4uiNmeZlEeb5eVH6awcF9KcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB%26sig%3DAOD64_24fUfVLbd7fF5gD1oHtqAYs_MNpA%26client%3Dca-pub-2462751652998210%26dbm_c%3DAKAmf-BxAiQs7zW-uW0agVvsgVJElD2gM07K3SLHODsjko4wycpOJoOSzAPiPaeh8u6JwgU4mgpl9gb4ibvrynHgCuwpPrYwo_vrcgvmsuzvR3kT0aDNkEzzc-LFe2wCsCUllEt1aVoikxIpvnx2if-Pd9Q4H2R4duHWdsWVvHYtb7_1qWxourY%26cry%3D1%26dbm_d%3DAKAmf-DGsPUCpKGZqG5b-GlsVXi4nudm4ibIJKXcg3KCptgQ5hcPHb12BlK-De3kqloylHqxIP3-8RtUECZk2V1rX05hVaCedo1xu0U3ex-DboypxtqTo4xYZD4BVRc6uULMfyFYf7fepDIZhkyHyf0JY3qQmUaWPKCUukjnUV0xLiJH1J1GR05GtIVbXn1Tc1VRpMLWTQ7xEhK61GeXXXacDNXoTUCLkY8C9ORxAsxzfMPJlE-W4Z6RE8FIZxxxwewswjh50lHyrBMmvClguV9lAMaN2dNiZ4rZN_lIOyCRjWfBPqXpm04ZC3Hlfvu4CxSWHJaQxfe0EGGo32fpWFDYBWq9lmFvP8LcW95Oh44SO9_uJkMjDWNLHDO48zuf0LyPCyG4klUQFcBmQerfiE1Vx-D21fFBX5ZtvO4QDkeZzvEDCzkP-SgXC3mfz7uJlIB2k2w3Q03k2pI03IKOKqkAFoBPgQis_KBRs3ZUAYHItzJgMTI_HBfBy7jVwpNh2HA-8IBTaQJn9U6MVtEk2w94tiafLYqqiSJMzzdQlNmaSM-YtRXD_WU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ancestorOrigins=https%3A%2F%2Fwww.gaflaquiz.xyz&random=8772794025753&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 219

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&rid=esp&cc=1

Request Chain 225

https://gcdn.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4E39B6B742D24519D497BBF40EFACE633E3D9FF4.3C11BA6DB17E1D970B5A82F99289C65076434569/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4690D9932DE42EFBD93022B578C333C86BFAD858.59CFF9128A19AED0EF6F3688C9E979546D13B192/key/cms1/cms_redirect/yes/mh/06/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5e6nsy/ms/onc/mt/1701174536/mv/m/mvi/5/pl/29/file/file.mp4

Request Chain 256

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20492283353&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&xsId=ABAjH0gk5pBoBN8BdV-qt7uF-Hux&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gk5pBoBN8BdV-qt7uF-Hux&adContainerId=brand_safety_4N5lZambHq_Hx_APgrKBmAM&cbFunctionName=goog_wrapCb_4N5lZambHq_Hx_APgrKBmAM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-2462751652998210%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:b059bab8-94db-e99e-3f97-3aa1f35d68e0,c:vgJBH7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lzb82,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tWUkY9M+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C1911%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:181*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:15,oid:cc6ec8ad-8dea-11ee-bf14-8e8dc3037598,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gk5pBoBN8BdV-qt7uF-Hux&ias_xappb=&adContainerId=brand_safety_4N5lZambHq_Hx_APgrKBmAM&cbFunctionName=goog_wrapCb_4N5lZambHq_Hx_APgrKBmAM&true_pb=

Request Chain 258

https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJr780us6GiQHn7XoP8883QrvA3a0XEMPrISgXsOk1VkA5cyRKJFvR1pa3_FP-6m0-uuQUH1MA6d7CX2LklkgEFctRytje9PNqv0S-RQAoCZ_4IS4swLXd3Ux4SkRcqkBtST-Xjy1F8J7bUApgq5ks4ONKwv8pLMPR2VaCqqjxXFZbatN2RVsAxC8Y9GsILnh88c94ti1eIxAlSavyhiXJekuNgGTDwBlPMAZbOwAKFALORptuy0jKXcA0t-dlgRMo1LUPRGJs70n3uxIDDH0JiFcTiQPUslnyKaOPDsZSwxv-cE5Uw6nxqM8uU7AtJZyMAqyC2C6PtkH762eTr5CN9SbTuREXkWxl6W04VugfJeZ_Kh2bbels9KkDVgiEmw8Kz7CqWGcnoC-v-3WAkuqNMn7nQTKNj2jjXTavlLn6bEfNwnEXStxRIqHkUN9461Xab0smOwqpnNRT7ErwAlNRhjjNoF5jx3y320HyScFumiXX7wrhdaAfznsl2mA8DmzNlfkKwDpQ1L_d7A3q8N3o9jHbBxEvobQQK1k7qQVX3GCQY2Z0W0uRep5vITqeQW3X4g79pmZYZ1K5UhY8QgsKVDyFBUoyLTG_xrK4exwrL78Z2wNzyOw2upBjgFm8U-toq8D-uX3468hv9qNM98I14xaNVLIEkS5Z_8z98NW3xLYQo5B_ARAojnUnBoXQl_YtZCr2tCGD70owug49UH9pg_e4YsxyJuajPm_39WMb2H7tlVZ9y6-wmqrNqhcE19GRWC8RtBhCLy03UUzy1yOLV3NOf8K-I40Z_1VaAGQ70PuUVoefKIWQgtOlYMlkoAb3DTBJWd8lidXKrhLLABMGzqrNLKks2niNrR_wuh_0FbjGoNT3n_rwFt_15lx_gC_4TvdvDpru9iVUf11_9M4xPbIKbEqxb5PrMdmdQS9e8FEYHVobNLFOIfXzcoCu8K_gTJiXUeMK_jbiSZGQs8MyNeQeePFguBPryPVUXebZSmZZcF7JSzvkWdpHOiJ6b5IqDwpdBU9NtKaXZWtHjK7Os4rU3oa9UGIDFUGCj1IbpxT_e9uSXlgXF4Fr_FT56GSdmho10byjZiPgIZAPyL97OflF0fp5edvG0mkoArVSsyyPo8tGlTpwiFWM7zSEkboVTbvTz9d5tIwMlPQ3jjg8IfMzKqXOEeumlKQNezmjawD4FLptZidvRA34DOAfIZLrkcb8IskCG1MnxXcjKFdZ1P2PaYIf4FiPuB1hc1z2v8GA_WvaYwyJmyNJ7wOXab2T4Nk1QsBSgsiy1erbrb-0YvFl8wv4Ba9uZmB1-PCWB9kr-2nNqEU8BiLkjr9pHGerVdFfV3_T-yMIgNk8Vwx6sEj_yEVHsxA210Q8uksB2Gr1PPot4NLB2UqcWDVScU08-6nL5hnjlki8xoN5Q_kQzfI0w9HYSmmg9Iwk4w4-5UFtVQGTqwOPbzwMs4QZ7i3gfydRqRRLwd51tyLRc0nkATiDQFZHOJDN3xIRkIGFs5u3zJtCGjTTJyZ1fAKpn59j34tptj5DOdPmFZfRFKeqY7QDRm7AS9dsoe6do0c2Odr34ZeK1JgAxgTPagVfixq0F0iJZJLvlK_FgfjkYozu4jILjGo1v7CaGoTdPOgDyIJFWY7HW5Mn80gqeM8aJNSuuwUh5RyeaQ_f_J6EM1z9WV6U_gjvZw6tm4HKKgmW3s-OiLHUTg5p0LD_AcgOuL6itqPwzCJjwdVDhCKf6WDZ9MxVNeYQJh1mjO3h8K021qHJRD3rc0_dTcG8hvPjjjCFhtmv5c-ojVKGmlB2Fyv7tE-pEb6aKqIcOw2ppV67VW4wHPl4CBvG9xBluXUzBw2iVmkNX5mf1D6hs1v6LF2HdaVEzhfQuTgYeg6DwAD5R_uxcyYpYZfkHbbKaRdbtwKX5ZS0vy_x8CFD7iclaHLwTtgHp2vSvaJkBiFEpkej5E0VlJlg7u_8x48UVMeV0JY6-0PfFg_dNTzQhHkbDn7viKL2IdY7nW-5DOkRpPvf-Ka0lKMVnNzS_9-3x8bnAFLcEiTHUjWZC30AvXEzojbZwi1djCdG0FUUeUyWqMf5Dt-ffIcpbUR5SFXy_EKTfRtJvAqYrXK_5-anAHf6rMGksNrYNL5WJfav7ZBPW-8RmC-driP6HdnP834fTydmC89C4ZR5VEl5tvW2L-X7FtLMGASiVJsTnAMwJNOMHRmz33x7Ex7CGvlq8kfxRXwcEio_sUU4adyPsMs-3uuZjGQNSMPeDSDoX5nJ6U92NiEV5W-S8yua62ddlo4QAS2mGcqo0tJYeOQq2TJ3jYU7Drp4D6DKP5CTX9KM8T0UfpvCCbKfxKVZa4shkS_HRT3sZC1jSM_sbLLXhN95QZhoH7HvHv9gLsz5GVQHd6R4NLOqIBKcicT206AgzDqnnNv_wVjd9yjmzPmC05aNa9aqYPPCOrtjwFlkomqqsegs-zdLxBjCssP9rN3RLQshjuZ9DvQzZdjQf6HJmftGz7sRNXOeAyaUm1JP-iqZBr3aIOu6rwETW1Ck5dwcE8HXr3sgzX6W50kZN_pf0zTYOUBxtN-5QZyTlGVyj8O_fIVyMa-AF19tOaMqX3LSxj0U0QZ8LHW1tc9TBydowsjq04_tc3XGG72HYRAjl-ps5lYvu9alDcaxxvpgiaTWuTCF99QbXuO-Fsdp01sl_pbXMUUZV2UAAjIPKFSsoO-LVLzW0K9Z841Zolh538oNxFsdLXH1HUmHuJpcHlGsp1OrbA9zMAGU4TgyS3gV3qo6e0T6vkLhsMmZYq-YY-Y8wEcExDHtbyomYOzw9hXfvirrOBQZfPZrjWKdojEbK2yCaDocb0H36uxwaw7PJz4yeBidSSkC2GNQIJkUtg4CoYMiiMDH458Ryn9jO9UuWhic0jbSdgAg83Wnf4MKIdE0TL5h3O_m65PYYfTysxatFKrzjrgQL5mjxKYKnU1SyrYDDfp8E2pTfPHXoh_oDPR0iqx3aNvBAtlGKp9GH5-iWj_abwFE8kNcjoUs6sgAjE-K5Ooz2w_mzsiUWVyDJTH4QqaevyhaXQW9b6Xq_XRauBAaV3qdBOvUiVKqIp5Nujb3ZWifFCuR8i9JIjiOyYM30rthQlSXxm5KimTPQqF9WsJLoYhrTWBCqyQpS992BOLoQCtMkkQEEmcgIn64yl_nL5qhd_MTHeoHcm3y-nELAh6HWm2yLJl664MzxoAAFTrAsLVMki6UVHLw0WNSAvMHemHvg0epuFYNcQl_2aiH6W3ALLXqeFnAll4PcZCHjOpPy6WZPKrVjWh89Gnfe1HnviIgjN-mxtXT1ifoghK0ZKqSMOxRccaJol3eCRQXxOPdxfvnd5eLdS8kDh9lRh-e_RUV7OhCdnmO53U7VcguOLJSQkpRqhtF7PFuHUz3v7LScLI9OB8fmMbHMS9sUSTT1ryzu3OjYchye-J7ekD5BN-vFGSuDfd0-gkT3jQJBl2HMhtbGmLkZDtZhaGnrex0RWBLiYtgmoy6bk3utl0Kgq8lRPQtfBxiufbZBaFLk7RzHqH1nbTmaMytxixEu1s623RHlg21J_XBlZYIaTtS89CKJJEAK0lMPao8x5fn5k5isRmAeWxuDQqbJpLz2YrtwVJqLo7zXP8ohX3yB3BDfXKyZ1Hqk2POuvIz9OXmxpVCAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20118583893&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j4hKyIZQMFukRnnKf2yOPo&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-2462751652998210%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D3&adsafe_type=d&adsafe_jsinfo=,id:62812222-5cbf-a13c-ad81-c9484364997d,c:vgJBHD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-twwz5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tWUkYam+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:1a*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:11,oid:cc36c851-8dea-11ee-ac8a-2ef4c4763ddc,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJr780us6GiQHn7XoP8883QrvA3a0XEMPrISgXsOk1VkA5cyRKJFvR1pa3_FP-6m0-uuQUH1MA6d7CX2LklkgEFctRytje9PNqv0S-RQAoCZ_4IS4swLXd3Ux4SkRcqkBtST-Xjy1F8J7bUApgq5ks4ONKwv8pLMPR2VaCqqjxXFZbatN2RVsAxC8Y9GsILnh88c94ti1eIxAlSavyhiXJekuNgGTDwBlPMAZbOwAKFALORptuy0jKXcA0t-dlgRMo1LUPRGJs70n3uxIDDH0JiFcTiQPUslnyKaOPDsZSwxv-cE5Uw6nxqM8uU7AtJZyMAqyC2C6PtkH762eTr5CN9SbTuREXkWxl6W04VugfJeZ_Kh2bbels9KkDVgiEmw8Kz7CqWGcnoC-v-3WAkuqNMn7nQTKNj2jjXTavlLn6bEfNwnEXStxRIqHkUN9461Xab0smOwqpnNRT7ErwAlNRhjjNoF5jx3y320HyScFumiXX7wrhdaAfznsl2mA8DmzNlfkKwDpQ1L_d7A3q8N3o9jHbBxEvobQQK1k7qQVX3GCQY2Z0W0uRep5vITqeQW3X4g79pmZYZ1K5UhY8QgsKVDyFBUoyLTG_xrK4exwrL78Z2wNzyOw2upBjgFm8U-toq8D-uX3468hv9qNM98I14xaNVLIEkS5Z_8z98NW3xLYQo5B_ARAojnUnBoXQl_YtZCr2tCGD70owug49UH9pg_e4YsxyJuajPm_39WMb2H7tlVZ9y6-wmqrNqhcE19GRWC8RtBhCLy03UUzy1yOLV3NOf8K-I40Z_1VaAGQ70PuUVoefKIWQgtOlYMlkoAb3DTBJWd8lidXKrhLLABMGzqrNLKks2niNrR_wuh_0FbjGoNT3n_rwFt_15lx_gC_4TvdvDpru9iVUf11_9M4xPbIKbEqxb5PrMdmdQS9e8FEYHVobNLFOIfXzcoCu8K_gTJiXUeMK_jbiSZGQs8MyNeQeePFguBPryPVUXebZSmZZcF7JSzvkWdpHOiJ6b5IqDwpdBU9NtKaXZWtHjK7Os4rU3oa9UGIDFUGCj1IbpxT_e9uSXlgXF4Fr_FT56GSdmho10byjZiPgIZAPyL97OflF0fp5edvG0mkoArVSsyyPo8tGlTpwiFWM7zSEkboVTbvTz9d5tIwMlPQ3jjg8IfMzKqXOEeumlKQNezmjawD4FLptZidvRA34DOAfIZLrkcb8IskCG1MnxXcjKFdZ1P2PaYIf4FiPuB1hc1z2v8GA_WvaYwyJmyNJ7wOXab2T4Nk1QsBSgsiy1erbrb-0YvFl8wv4Ba9uZmB1-PCWB9kr-2nNqEU8BiLkjr9pHGerVdFfV3_T-yMIgNk8Vwx6sEj_yEVHsxA210Q8uksB2Gr1PPot4NLB2UqcWDVScU08-6nL5hnjlki8xoN5Q_kQzfI0w9HYSmmg9Iwk4w4-5UFtVQGTqwOPbzwMs4QZ7i3gfydRqRRLwd51tyLRc0nkATiDQFZHOJDN3xIRkIGFs5u3zJtCGjTTJyZ1fAKpn59j34tptj5DOdPmFZfRFKeqY7QDRm7AS9dsoe6do0c2Odr34ZeK1JgAxgTPagVfixq0F0iJZJLvlK_FgfjkYozu4jILjGo1v7CaGoTdPOgDyIJFWY7HW5Mn80gqeM8aJNSuuwUh5RyeaQ_f_J6EM1z9WV6U_gjvZw6tm4HKKgmW3s-OiLHUTg5p0LD_AcgOuL6itqPwzCJjwdVDhCKf6WDZ9MxVNeYQJh1mjO3h8K021qHJRD3rc0_dTcG8hvPjjjCFhtmv5c-ojVKGmlB2Fyv7tE-pEb6aKqIcOw2ppV67VW4wHPl4CBvG9xBluXUzBw2iVmkNX5mf1D6hs1v6LF2HdaVEzhfQuTgYeg6DwAD5R_uxcyYpYZfkHbbKaRdbtwKX5ZS0vy_x8CFD7iclaHLwTtgHp2vSvaJkBiFEpkej5E0VlJlg7u_8x48UVMeV0JY6-0PfFg_dNTzQhHkbDn7viKL2IdY7nW-5DOkRpPvf-Ka0lKMVnNzS_9-3x8bnAFLcEiTHUjWZC30AvXEzojbZwi1djCdG0FUUeUyWqMf5Dt-ffIcpbUR5SFXy_EKTfRtJvAqYrXK_5-anAHf6rMGksNrYNL5WJfav7ZBPW-8RmC-driP6HdnP834fTydmC89C4ZR5VEl5tvW2L-X7FtLMGASiVJsTnAMwJNOMHRmz33x7Ex7CGvlq8kfxRXwcEio_sUU4adyPsMs-3uuZjGQNSMPeDSDoX5nJ6U92NiEV5W-S8yua62ddlo4QAS2mGcqo0tJYeOQq2TJ3jYU7Drp4D6DKP5CTX9KM8T0UfpvCCbKfxKVZa4shkS_HRT3sZC1jSM_sbLLXhN95QZhoH7HvHv9gLsz5GVQHd6R4NLOqIBKcicT206AgzDqnnNv_wVjd9yjmzPmC05aNa9aqYPPCOrtjwFlkomqqsegs-zdLxBjCssP9rN3RLQshjuZ9DvQzZdjQf6HJmftGz7sRNXOeAyaUm1JP-iqZBr3aIOu6rwETW1Ck5dwcE8HXr3sgzX6W50kZN_pf0zTYOUBxtN-5QZyTlGVyj8O_fIVyMa-AF19tOaMqX3LSxj0U0QZ8LHW1tc9TBydowsjq04_tc3XGG72HYRAjl-ps5lYvu9alDcaxxvpgiaTWuTCF99QbXuO-Fsdp01sl_pbXMUUZV2UAAjIPKFSsoO-LVLzW0K9Z841Zolh538oNxFsdLXH1HUmHuJpcHlGsp1OrbA9zMAGU4TgyS3gV3qo6e0T6vkLhsMmZYq-YY-Y8wEcExDHtbyomYOzw9hXfvirrOBQZfPZrjWKdojEbK2yCaDocb0H36uxwaw7PJz4yeBidSSkC2GNQIJkUtg4CoYMiiMDH458Ryn9jO9UuWhic0jbSdgAg83Wnf4MKIdE0TL5h3O_m65PYYfTysxatFKrzjrgQL5mjxKYKnU1SyrYDDfp8E2pTfPHXoh_oDPR0iqx3aNvBAtlGKp9GH5-iWj_abwFE8kNcjoUs6sgAjE-K5Ooz2w_mzsiUWVyDJTH4QqaevyhaXQW9b6Xq_XRauBAaV3qdBOvUiVKqIp5Nujb3ZWifFCuR8i9JIjiOyYM30rthQlSXxm5KimTPQqF9WsJLoYhrTWBCqyQpS992BOLoQCtMkkQEEmcgIn64yl_nL5qhd_MTHeoHcm3y-nELAh6HWm2yLJl664MzxoAAFTrAsLVMki6UVHLw0WNSAvMHemHvg0epuFYNcQl_2aiH6W3ALLXqeFnAll4PcZCHjOpPy6WZPKrVjWh89Gnfe1HnviIgjN-mxtXT1ifoghK0ZKqSMOxRccaJol3eCRQXxOPdxfvnd5eLdS8kDh9lRh-e_RUV7OhCdnmO53U7VcguOLJSQkpRqhtF7PFuHUz3v7LScLI9OB8fmMbHMS9sUSTT1ryzu3OjYchye-J7ekD5BN-vFGSuDfd0-gkT3jQJBl2HMhtbGmLkZDtZhaGnrex0RWBLiYtgmoy6bk3utl0Kgq8lRPQtfBxiufbZBaFLk7RzHqH1nbTmaMytxixEu1s623RHlg21J_XBlZYIaTtS89CKJJEAK0lMPao8x5fn5k5isRmAeWxuDQqbJpLz2YrtwVJqLo7zXP8ohX3yB3BDfXKyZ1Hqk2POuvIz9OXmxpVCAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAWAB&bundleId=&ias_xappb=

Request Chain 265

https://gum.criteo.com/sid/json?origin=publishertagids&domain=gaflaquiz.xyz&sn=ChromeSyncframe&so=0&topUrl=www.gaflaquiz.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AiSrrXxxdE1wQXcrL1FiMXF4dmtybWNJS3FKSERJbng4MjdUYmovd0JzQ0Nxb0t2dnRCNVhzZTJsajZNZnRJS05IU0RvNWFYWUpzcCt4bmQzU09Wbm56RnFtNDc3amt2ajM0RisvNngwa2JYeGF5Rnp0L3pZSVpNaHVqWE1sOWNuMjlqYnRodWJBaDNhYXJaYzIxdVRXMWtwd2hTNzBBbEdFSE5Sd0gxS2krdnVyTVVXdkE2SWV5VWZ5TGV5STRqZ3VGV0txTzVZT2JEdzl4ZjN6U2tkQUZTcWRzSStmdW1vK2k1bUUxZG13bjNsUmdFaHdoQjFSQ1p1VytIVHhJaXFYYU0rbTI5TjdsM0Fwd1dNRXR4NTdydHdpZz09fA&cppv=2

Request Chain 269

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20496570232&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&xsId=ABAjH0i5lF3hSAHl6oTepNMf9plw&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i5lF3hSAHl6oTepNMf9plw&adContainerId=brand_safety_4N5lZb7xIK_H1PIP65eBqA8&cbFunctionName=goog_wrapCb_4N5lZb7xIK_H1PIP65eBqA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-2462751652998210%26fa%3D4%26ifi%3D7%26uci%3Da!7%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:1fb5320b-a63e-68e8-6d29-0dbe147062a4,c:vgJBIJ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-lbdtt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tWUkYbk+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e,idMap:191*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:20,oid:cc777b06-8dea-11ee-ae44-fa61becd79c1,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0i5lF3hSAHl6oTepNMf9plw&ias_xappb=&adContainerId=brand_safety_4N5lZb7xIK_H1PIP65eBqA8&cbFunctionName=goog_wrapCb_4N5lZb7xIK_H1PIP65eBqA8&true_pb=

Request Chain 282

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=97448700089785004444550012522008&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 284

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=97448700089785004444550012522008&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 365

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMTM1NzYwIiwiY3VzdG9tOCI6Ijc2MTA1NTE0IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6ImZhbHNlIiwicmVnaW9uIjoiaWUiLCJ4c2lkIjoiYTdjMzY0ODItYTM5ZC00YTc4LTgxNWItNGZlZGUyNzQyZWQ5In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMCI6IjIwNTA5Njk3NjU2IiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNiIjoiMTcwMTE3NTAwODUzNTA3NTI1MCIsImFkRHVyYXRpb24iOjE3MDUwMzI3MDQsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1135760&pubEntityId=76105514 HTTP 303
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Request Chain 370

https://pixel.adsafeprotected.com/rfw/st/1135760/76105515/skeleton.gif?xmtp=v&xmapp=0&xsId=a7c36482-a39d-4a78-815b-4fede2742ed9&bidurl=https://www.gaflaquiz.xyz/&ias_campId=1008772806&ias_pubId=pub-2462751652998210&ias_placementId=20509697656&ias_chanId=1&ias_dealId=&ias_impId=v4~~ABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc&ias_dspId=3&ias_creativeId=203224912&ias_=&ias_xappb=&mon=76105515 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=a7c36482-a39d-4a78-815b-4fede2742ed9&ias_=&ias_xappb=&mon=76105515

Request Chain 380

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIevrrrTHQmnT_2hxqZ4bWQ&google_cver=1

Request Chain 382

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEC_itMQSOCiKsueC86Bkuik&google_cver=1

Request Chain 395

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656

Request Chain 421

https://fw.adsafeprotected.com/rfw/st/1627455/73523884/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-7094677798399606&ias_chanId=1&ias_placementId=20492285957&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&xsId=ABAjH0hHs3OXEdx9maOdVtznyVlT&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hHs3OXEdx9maOdVtznyVlT&adContainerId=brand_safety_4d5lZYTkIPX9x_APoMOE4Ac&cbFunctionName=goog_wrapCb_4d5lZYTkIPX9x_APoMOE4Ac&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:4170a794-5d97-738a-46ff-5050ad2ee7e9,c:vgJBWN,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-4bvq6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:tWUkYpn+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:20,oid:cd07d41c-8dea-11ee-a16d-c226156ec1fc,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0hHs3OXEdx9maOdVtznyVlT&ias_xappb=&adContainerId=brand_safety_4d5lZYTkIPX9x_APoMOE4Ac&cbFunctionName=goog_wrapCb_4d5lZYTkIPX9x_APoMOE4Ac&true_pb=

Request Chain 424

https://um.simpli.fi/gp_match?google_gid=CAESENYwUdPcUujkMc_M-lEC1SU&google_cver=1&google_push=AXcoOmRdfm4lb9WU8cDxluAWF7afvWjKk-NDwLrnKHH5R1_K_kAKSNe3yWzV7itpfhjtDcfAKaMFuxSXB33G8gBUyEkLAALqzwE8Cg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9B951BEDDAE3400D9A575B01B93BC75B&google_push=AXcoOmRdfm4lb9WU8cDxluAWF7afvWjKk-NDwLrnKHH5R1_K_kAKSNe3yWzV7itpfhjtDcfAKaMFuxSXB33G8gBUyEkLAALqzwE8Cg

Request Chain 426

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPcBsCtrRWYT4PruNkvpzJM&google_cver=1&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5vxu31q2RPzRNXgPtg HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPcBsCtrRWYT4PruNkvpzJM&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5vxu31q2RPzRNXgPtg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5vxu31q2RPzRNXgPtg&google_hm=ZkVDdms1VmFFMW5PdXJ5eTIxOEc=

Request Chain 427

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEK9XDooz_Ik3u3LmhYYv-74&google_cver=1&google_push=AXcoOmQ16xG3iPBUf9uUNGPnpvdMD_5jj3nBSOnva_p4dPEhOe_FE4owN_XuCfxZno2MvBi8dM2J6Bj_uOZ5QvpPY_uvPQHk_6C4EQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jPVAtuxBXqdgv7R-IW1litly2hY&google_push=AXcoOmQ16xG3iPBUf9uUNGPnpvdMD_5jj3nBSOnva_p4dPEhOe_FE4owN_XuCfxZno2MvBi8dM2J6Bj_uOZ5QvpPY_uvPQHk_6C4EQ

Request Chain 428

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL65RX6CleMzhSfiqCKXjlE&google_cver=1&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiBFdqFRLgxZgE2Q HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL65RX6CleMzhSfiqCKXjlE&google_cver=1&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiBFdqFRLgxZgE2Q&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiBFdqFRLgxZgE2Q&google_hm=Hu1UpGZHoURS1rMuTYa-cNOn

Request Chain 429

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ1MMN8sI2JrfS3km6yy500&google_cver=1&google_push=AXcoOmRT-BvXph1ymJoGfkmVr2aJ7VsioDQ76F3qHRclAg3Cd2gvQxo_muYf-mvmwmfwRmXA3XsofGzSvKBuobD_mkHkZrwAGTmooyk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRT-BvXph1ymJoGfkmVr2aJ7VsioDQ76F3qHRclAg3Cd2gvQxo_muYf-mvmwmfwRmXA3XsofGzSvKBuobD_mkHkZrwAGTmooyk HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 430

https://sync.gonet-ads.com/match/google?google_gid=CAESEM7-6BAPKNoPrDTEP9rE2ZY&google_cver=1&google_push=AXcoOmSc7W1vON3BRsfA-lnY-Wo-of7cMh3eQRCLVe5qAP4ClqMqpNQgw22TNkh3kLBV_zWeo7DwSm8zaDprTG01qEUq3gXkn1xMkw HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEM7-6BAPKNoPrDTEP9rE2ZY&google_cver=1&google_push=AXcoOmSc7W1vON3BRsfA-lnY-Wo-of7cMh3eQRCLVe5qAP4ClqMqpNQgw22TNkh3kLBV_zWeo7DwSm8zaDprTG01qEUq3gXkn1xMkw&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDk5OGU1NDlhYjc1Yjc2Zg&google_push=AXcoOmSc7W1vON3BRsfA-lnY-Wo-of7cMh3eQRCLVe5qAP4ClqMqpNQgw22TNkh3kLBV_zWeo7DwSm8zaDprTG01qEUq3gXkn1xMkw HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDk5OGU1NDlhYjc1Yjc2Zg&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 502

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTEzNTc2MCIsImN1c3RvbTgiOiI3NjEwNTUxNCIsImRhdjNfZGV2aWNlIjoiREVWSUNFVFlQRV9VTktOT1dOIiwiZGF2M19vdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIiwiZGF2M191YSI6IiIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImE3YzM2NDgyLWEzOWQtNGE3OC04MTViLTRmZWRlMjc0MmVkOSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDUwOTY5NzY1NiIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE3MDExNzUwMDg1MzQ1NjI5MjAiLCJhZER1cmF0aW9uIjoxNzA1MDMyNzA0LCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1135760&pubEntityId=76105514 HTTP 303
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Request Chain 554

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUyIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTEzNTc2MCIsImN1c3RvbTgiOiI3NjEwNTUxNCIsImRhdjNfZGV2aWNlIjoiREVWSUNFVFlQRV9VTktOT1dOIiwiZGF2M19vdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIiwiZGF2M191YSI6IiIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImE3YzM2NDgyLWEzOWQtNGE3OC04MTViLTRmZWRlMjc0MmVkOSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDUwOTY5NzY1NiIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE3MDExNzUwMDg1MzUzMTQ0MzkiLCJhZER1cmF0aW9uIjoxNzA1MDMyNzA0LCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1135760&pubEntityId=76105514 HTTP 303
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Request Chain 569

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUzIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTEzNTc2MCIsImN1c3RvbTgiOiI3NjEwNTUxNCIsImRhdjNfZGV2aWNlIjoiREVWSUNFVFlQRV9VTktOT1dOIiwiZGF2M19vdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIiwiZGF2M191YSI6IiIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImE3YzM2NDgyLWEzOWQtNGE3OC04MTViLTRmZWRlMjc0MmVkOSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDUwOTY5NzY1NiIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE3MDExNzUwMDg1MzU1ODQxNjUiLCJhZER1cmF0aW9uIjoxNzA1MDMyNzA0LCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1135760&pubEntityId=76105514 HTTP 303
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Request Chain 585

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiQ09NUExFVEUiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMTM1NzYwIiwiY3VzdG9tOCI6Ijc2MTA1NTE0IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6ImZhbHNlIiwicmVnaW9uIjoiaWUiLCJ4c2lkIjoiYTdjMzY0ODItYTM5ZC00YTc4LTgxNWItNGZlZGUyNzQyZWQ5In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMCI6IjIwNTA5Njk3NjU2IiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNiIjoiMTcwMTE3NTAwODUzNDgyMTM4NyIsImFkRHVyYXRpb24iOjE3MDUwMzI3MDQsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1135760&pubEntityId=76105514 HTTP 303
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoComplete%2Csl%3An%2Cad_duration%3A1705032704.1151%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

583 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gaflaquiz.xyz/
Redirect Chain

http://gaflaquiz.xyz/
https://gaflaquiz.xyz/
https://www.gaflaquiz.xyz/

43 KB
12 KB

1300ms
661ms

Document
text/html

2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/7.4.33

Resource Hash

ac4c2ad5fcf743b75a0521ac4247780fd2d4ff7b3a527bb3e95be65c89c15291

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 11475
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 12:36:46 GMT
link: <https://www.gaflaquiz.xyz/wp-json/>; rel="https://api.w.org/" <https://www.gaflaquiz.xyz/wp-json/wp/v2/pages/3272>; rel="alternate"; type="application/json" <https://www.gaflaquiz.xyz/>; rel=shortlink
platform: hostinger
server: hcdn
x-hcdn-cache-status: DYNAMIC
x-hcdn-request-id: 76e2572cfc76602a5776ee041107999f-srv-edge1
x-hcdn-upstream-rt: 0.593
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 12:36:45 GMT
location: https://www.gaflaquiz.xyz/
platform: hostinger
server: hcdn
x-hcdn-cache-status: MISS
x-hcdn-request-id: 63af340d54e1a7b82d09235ab93a483b-srv-edge1
x-hcdn-upstream-rt: 0.602
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery-3.5.1.min.js Show response
www.gaflaquiz.xyz/wp-content/themes/gafla/js/ 87 KB
29 KB 34ms
33ms Script
application/x-javascript 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/js/jquery-3.5.1.min.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4744
content-length: 30020
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "15d84-655fe1d1-8f3c83e39d55488a;br"
x-hcdn-request-id: ea57ed86d04ab2ea4be7346b42ca3e06-srv-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:42 GMT

GET
H2 200 bootstrap.css
www.gaflaquiz.xyz/wp-content/themes/gafla/css/ 124 KB
17 KB 33ms
31ms Stylesheet
text/css 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/css/bootstrap.css

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

2dd06b032096e1ff1481bd84f3501f8ae944df52f65eafdf9fbbf9145c6d875d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4744
content-length: 16789
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "1eff3-655fe1d1-a95e90bd121263f8;br"
x-hcdn-request-id: e1307bb0ed1d430772a202890dd6844a-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:42 GMT

GET
H2 200 style.css
www.gaflaquiz.xyz/wp-content/themes/gafla/ 889 B
399 B 33ms
32ms Stylesheet
text/css 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/style.css

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

cf52e2a9236efe7f7a8ec7d4fc0048c832141c7145d00edb38136252a77d1495

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4744
content-length: 302
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "379-655fe1d1-1fd62c8ffac105d4;br"
x-hcdn-request-id: c5e5dde7c16ad2e9803f9b1563b0ee79-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:42 GMT

GET
H2 200 style.css
www.gaflaquiz.xyz/wp-content/themes/gafla/css/ 54 KB
10 KB 33ms
32ms Stylesheet
text/css 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/css/style.css?version=1.99

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

a714b17007676992f0c571ceabb1d24a69479d7e0393ed5433459701909e4498

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4744
content-length: 9674
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "d817-655fe1d1-fe365e11acabc9f;br"
x-hcdn-request-id: 049292c170cbbeefb580deafcca1b73d-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:42 GMT

GET
H2 200 responsive.css
www.gaflaquiz.xyz/wp-content/themes/gafla/css/ 10 KB
2 KB 33ms
32ms Stylesheet
text/css 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/css/responsive.css?version=1.99

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

5f9143e830a0b967a401b2f2472c0a02c3a8ffdfc40f53f8aed9d1154c236379

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4744
content-length: 2338
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "261b-655fe1d1-bc338dd97df387d0;br"
x-hcdn-request-id: aec0cf46e75cf53f1cfa237ac2bc4cb6-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:42 GMT

GET
H2 200 jquery.quiz-min.css
www.gaflaquiz.xyz/wp-content/themes/gafla/css/ 990 B
458 B 33ms
33ms Stylesheet
text/css 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/css/jquery.quiz-min.css?version=1.90

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

a5e3a0b72eb8a471a8159f1804a0e0fd3bf544d39d3b850fd26f62a02d3ec660

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4744
content-length: 360
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "3de-655fe1d1-a84cc245119a247b;br"
x-hcdn-request-id: 60f63e2a1b228198272b4d49533e9a44-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 87ms
34ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-161442750-1

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99a8f24280f9887507f9f5c531645166fef6ee2e079e14fe4295deba5b1e0e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:36:47 GMT

GET
H2 200 gafla-logo-1-300x93.png
www.gaflaquiz.xyz/wp-content/uploads/2020/03/ 11 KB
11 KB 718ms
716ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/uploads/2020/03/gafla-logo-1-300x93.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 2139950bb0334b1eb28373b38356567d694c11d614d8dbcff785b1400d75b0b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 494b462b3e9515024d6de3d24a7637c2-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.686
accept-ranges: bytes
content-length: 10882
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 menu.png
www.gaflaquiz.xyz/wp-content/themes/gafla/images/ 358 B
431 B 550ms
549ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/themes/gafla/images/menu.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 89ba1d7204261aca8c661188127e489e452157be8b33c181a0913803d90a4cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 41cfef428290ae4f95b7285fb5dfdaad-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.517
accept-ranges: bytes
content-length: 358
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 question-1.png
www.gaflaquiz.xyz/wp-content/themes/gafla/images/ 732 B
801 B 554ms
552ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/themes/gafla/images/question-1.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 4137ca4dbc6af096da3cac033360a1566c0355ee5ca220e3bbee30e181e973f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 2395907783ed283972259b865dffe275-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.517
accept-ranges: bytes
content-length: 732
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 trust-1.png
www.gaflaquiz.xyz/wp-content/themes/gafla/images/ 912 B
978 B 551ms
550ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/themes/gafla/images/trust-1.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 5bfc8547b7dc530c22a9fe437c65e70deb8d99a381fb55d40da45c397c31345e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 7069e0e1f83b7bf1efdaccded57671c0-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.517
accept-ranges: bytes
content-length: 912
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 heart.png
www.gaflaquiz.xyz/wp-content/themes/gafla/images/ 1 KB
1 KB 552ms
551ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/themes/gafla/images/heart.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 3c75bb3d00bf67f7eb542653159d395150d3fd94699e2cbb64f5e20ac54cb4d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: d1b743c89310e30352bd91491474f226-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.517
accept-ranges: bytes
content-length: 1442
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 casino.png
www.gaflaquiz.xyz/wp-content/themes/gafla/images/ 5 KB
5 KB 552ms
551ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/themes/gafla/images/casino.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: e4469dd506952315dbcd398d2b630e2632aec6cfd4374de1aa48b4e6ddd7c0a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 76fc9e7f609baf0ec8b71c6f6a28aa82-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.517
accept-ranges: bytes
content-length: 4988
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 battery-status.png
www.gaflaquiz.xyz/wp-content/themes/gafla/images/ 364 B
437 B 509ms
508ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/themes/gafla/images/battery-status.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: a4c85b1228a6283cdd61697b663680d84992b02a2e780f85f327a40ecce66fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 359ca6ff6d72a0d013392f42b18a61ee-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.477
accept-ranges: bytes
content-length: 364
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 177ms
125ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a312ee89ec5f18a416fb6a95ffa6f98c2f580d4542cdb271905f4c9823c5a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52715
x-xss-protection: 0
server: cafe
etag: 7147439572764496674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:47 GMT

GET
H2 200 gafla00-300x69.png
www.gaflaquiz.xyz/wp-content/uploads/2020/03/ 3 KB
3 KB 562ms
562ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/uploads/2020/03/gafla00-300x69.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 52770d7ed8a425cf298da4db7c8a5c4274479d5266d2271b448097ec0fe55129

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 1210cec1c1e171a98dc442f1ef758ec1-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.532
accept-ranges: bytes
content-length: 3312
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 shortcodes.css
www.gaflaquiz.xyz/wp-content/plugins/shortcodes-ultimate/includes/css/ 44 KB
7 KB 34ms
33ms Stylesheet
text/css 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4744
content-length: 7150
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:49 GMT
server: hcdn
etag: "b1e3-655fe1d5-14da730d2fe1b0;br"
x-hcdn-request-id: 7dec5eddf19374388f000149a0cd4e2e-srv-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:42 GMT

GET
H2 200 bootstrap.min.js Show response
www.gaflaquiz.xyz/wp-content/themes/gafla/js/ 36 KB
9 KB 34ms
32ms Script
application/x-javascript 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/js/bootstrap.min.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4742
content-length: 9399
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "90bb-655fe1d1-721343dc500718d3;br"
x-hcdn-request-id: ed560361e4c5cfa4713473869ef5e40b-srv-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:44 GMT

GET
H2 200 fontawesome-all.js Show response
www.gaflaquiz.xyz/wp-content/themes/gafla/js/ 698 KB
239 KB 35ms
33ms Script
application/x-javascript 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/js/fontawesome-all.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

a810b4c2ffea1a40047523d8c834c0ae660274466020bd02a337bc53c692f411

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4743
content-length: 244013
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "ae888-655fe1d1-353b773935708d29;br"
x-hcdn-request-id: 81aa84ee0743e420e317b645e0f53685-srv-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:43 GMT

GET
H2 200 jquery.quiz-min.js Show response
www.gaflaquiz.xyz/wp-content/themes/gafla/js/ 6 KB
2 KB 35ms
33ms Script
application/x-javascript 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/js/jquery.quiz-min.js?version=1.6

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

7e56a842a5678e97055f0b4aaf6b0fc3e79cfa0c3d46ebaf0bff1807748e9ffd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4742
content-length: 1654
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "17d5-655fe1d1-eb14bc605e763acc;br"
x-hcdn-request-id: f35caab1d1f3a2c5440354a8794b4af7-srv-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:44 GMT

GET
H2 200 app.js Show response
sdki.truepush.com/sdk/v2.0.2/ 1 KB
949 B 94ms
21ms Script
application/javascript 2600:9000:2491:b800:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:b800:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:19:13 GMT
content-encoding: gzip
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
last-modified: Wed, 31 Mar 2021 07:22:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2377055
etag: "b861f6349fdb27190bd25dbfcd7674ff"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 581
x-amz-cf-id: PoXqIWv410o5DeXPm5I4FfvYwJxn024zXAsRhDED1VHEBK5QLfPLzA==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/secretmessage-gaflaquiz/ 158 KB
44 KB 619ms
540ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/secretmessage-gaflaquiz/loader.js
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffef2b07cab83ecd7a031073188b7077b15e1af20d085172ffb9f5685588ff9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9_fXGq6RzlkIy0ebd9x0ZgeaD_Cjxy5o
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:47 GMT
x-amz-request-id: HWHBTFAH0KCQ5PM4
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: FAILED
content-length: 44700
x-amz-id-2: 2bDB8pSjX0ekrgrKe4TFfWbF6u4+UZhzrLbeT6/OT/MrgmAorq6FCp8aeXVurugD6Q95MXNPWMs=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:54:35 GMT
server: AmazonS3
x-timer: S1701175007.040173,VS0,VE505
etag: "1eea9862cbbcef9afc26f1da5a4a9d8c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-gaflaquiz-xyz/ 30 KB
7 KB 967ms
504ms Script
text/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-gaflaquiz-xyz/vdo.ai.js
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf326b98c14cca2229a115c83b81e573f1cb2d4411da5c18a2004cb08db39ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 28 Nov 2023 12:35:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=UTF-8
vdo-server: Tag3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F7g%2FVFe4MyE%2B6qwPZpMd6%2F3B3TicfqAQz3WFfqeuzzBe%2BbgKw7y0lEI3lEnMCFqpePssIxI7qGE%2BZk4xi7bX35f82%2BoCDsbXcSQ925oHNhPISOy7YIRko3R%2Bk9UBiwf54C0aPmJig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
cf-ray: 82d2a894eda94060-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 gift.svg
www.gaflaquiz.xyz/wp-content/themes/gafla/images/ 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gaflaquiz.xyz/wp-content/themes/gafla/images/gift.svg

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/wp-content/themes/gafla/css/style.css?version=1.99

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

6712eddfa9a7084c0702cba4431c4072d0ad04a7fb6254871ddee177b2f32de6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/wp-content/themes/gafla/css/style.css?version=1.99
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 4742
content-length: 997
x-hcdn-cache-status: HIT
last-modified: Thu, 23 Nov 2023 23:35:45 GMT
server: hcdn
etag: "9f8-655fe1d1-b1715eb65b09218b;br"
x-hcdn-request-id: f5ff91ef4ac23604b4228c3ca6a26cde-srv-edge1
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Tue, 05 Dec 2023 11:17:44 GMT

GET
H2 200 style-noise.png
www.gaflaquiz.xyz/wp-content/plugins/shortcodes-ultimate/includes/images/styles/ 5 KB
5 KB 541ms
541ms Image
image/webp 2a02:4780:24:9ad:b4:fee5:a15e:6e24
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gaflaquiz.xyz/wp-content/plugins/shortcodes-ultimate/includes/images/styles/style-noise.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: hcdn /
Resource Hash: 6706e4b58b7ca3f57acefc1a41ef328f0f0ac97ad750d029c5690def1fc3cbe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
x-hcdn-cache-status: MISS
server: hcdn
x-hcdn-request-id: 3254a36404edebde117ce22fcef72213-srv-edge1
content-type: image/webp
cache-control: private
x-hcdn-image-optimizer: f:webp q:85 w:1600
x-hcdn-upstream-rt: 0.495
accept-ranges: bytes
content-length: 5042
expires: Tue, 05 Dec 2023 12:36:47 GMT

GET
H2 200 version.json Show response
sdki.truepush.com/sdk/ 176 B
566 B 60ms
20ms XHR
application/json 2600:9000:2491:b800:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/version.json
Requested by: Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:b800:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 07:39:57 GMT
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 05:36:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 1486611
etag: "327739750637fd5a1dd49dd855637862"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=300
accept-ranges: bytes
content-length: 176
x-amz-cf-id: Sh1zxU6eV-ssXb1DEGnV-eEIGcTEqiQabIRU3IzAgRydohhcpFN_cw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JRXKHRCBQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161442750-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1a0f6dd33c99969ce16612f86dd92df45cd0f380e1442ff6087fd48a75c8784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:36:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161442750-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 11:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2829
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 Nov 2023 13:49:38 GMT

GET
H2 200 main.js Show response
sdki.truepush.com/sdk/v2.0.4/ 80 KB
19 KB 25ms
25ms Script
application/javascript 2600:9000:2491:b800:7:6b7b:1000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdki.truepush.com/sdk/v2.0.4/main.js
Requested by: Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.2/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:b800:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:45:05 GMT
content-encoding: gzip
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 04:37:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2544703
etag: "3d47f45ecfb765f8b8b58d2a4b1883fb"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 18934
x-amz-cf-id: ax96h8k0DwnF565zMm2vh70XklEgwPlet93Eyxpu677BndT-dt0_Aw==

OPTIONS
H/1.1 204
No Content truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ Frame 0
0 1774ms
1210ms Preflight 103.231.212.226
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS: static-103-231-212-226.ctrls.in
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.gaflaquiz.xyz
Content-Length: 0
Date: Tue, 28 Nov 2023 12:36:48 GMT
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

POST
H/1.1 200
OK truepushSDKPlatfromDetails Show response
sdk.truepush.com/api/v2/ 1 KB
2 KB 734ms
187ms XHR
application/json 103.231.212.226
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails

Requested by

Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),

Reverse DNS

static-103-231-212-226.ctrls.in

Software

Resource Hash

07f1ace56a7af2f94582221c820a61ced64834e3b92ad1c459b3b72825d3e7f3

Security Headers

Name	Value
Content-Security-Policy	img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: img-src * data:
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Tue, 28 Nov 2023 12:36:49 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Transfer-Encoding: chunked
X-XSS-Protection: 0
Referrer-Policy: no-referrer
ETag: W/"42e-C38XNhBNTzi3zPXnTwzd/a7ckdQ"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Vary: Origin, X-HTTP-Method-Override, Accept-Encoding
X-Download-Options: noopen
Access-Control-Allow-Origin: https://www.gaflaquiz.xyz
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 74ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5JRXKHRCBQ&gtm=45je3b81v892043596&_p=1701175006950&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=344698243.1701175007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701175007&sct=1&seg=0&dl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&dt=Gafla%20Quiz%20-%20Love%20Calculator%2C%20Friendship%20Dare%2C%20Whatsapp%20Dare%2C%20Secret%20Message&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2796
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JRXKHRCBQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2462751652998210&plah=www.gaflaquiz.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7587de90f8ba6bfbf27b176765f5d10d1fbbcb65b4753c355d952fd3b10e631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138524
x-xss-protection: 0
server: cafe
etag: 16256393617401460895
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame C012 9 KB
4 KB 68ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 09:02:55 GMT
etag: 16674218716276178799
expires: Tue, 12 Dec 2023 09:02:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2132356980&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ul=en-us&de=UTF-8&dt=Gafla%20Quiz%20-%20Love%20Calculator%2C%20Friendship%20Dare%2C%20Whatsapp%20Dare%2C%20Secret%20Message&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=611330687&gjid=1709790076&cid=344698243.1701175007&tid=UA-161442750-1&_gid=1821773748.1701175007&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1226193975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2796 25 KB
11 KB 493ms
491ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2462751652998210&plah=www.gaflaquiz.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a8f94aa5751b9410832e97b5049961c4cf9483c4047230528920e8a53e80cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11117
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:47 GMT
expires: Tue, 28 Nov 2023 12:36:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFF1 86 KB
27 KB 563ms
562ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0a83cece9c36a031be34bcc8f6261158319ab3974d37db801af7deadc133a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 27592
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:47 GMT
expires: Tue, 28 Nov 2023 12:36:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE2C 33 KB
13 KB 482ms
481ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fdbb1c2b2ebf66dfa07949fc25b37a5b66a64e76b2b51d93821bd7756af7731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12857
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:47 GMT
expires: Tue, 28 Nov 2023 12:36:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD48 318 KB
71 KB 633ms
632ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&adk=1812271804&adf=3025194257&lmt=1701175007&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007216&bpp=1&bdt=348&idt=186&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280%2C360x280&nras=1&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=195

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

451c6ad408582c07cee6d9d502b56bb3f982a2000bb2f6f28474aeead35a7385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72977
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:48 GMT
expires: Tue, 28 Nov 2023 12:36:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.20231128-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 37ms
37ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231128-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/secretmessage-gaflaquiz/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 921855cc0d54c25fe1a9393a5b4f89b3050d4236b268bf509c2dae1d77a0c9e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: BL1vW9f9pITBjpenp_9CT456IDE5_9dT
content-encoding: br
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:47 GMT
x-amz-request-id: 8RVZEFZYJN2BPZZ6
age: 8059
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173845
x-amz-id-2: tkq3wElyNkI4uMe3SzQbnq7Q6x70BXxfcpz/Jc6Wxo6xS8G4MXd8rBADsPdESOI21Grc76y3Hk4=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:22:28 GMT
server: AmazonS3-br
x-timer: S1701175008.631612,VS0,VE0
etag: "8c74c8df5d2f175a1407b30aa90bfb47"
vary: Accept-Encoding
content-type: application/javascript
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 3156

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 111ms
36ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231128-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 269923
expires: 60

GET
H2 200 json Show response
trc.taboola.com/secretmessage-gaflaquiz/trc/3/ 53 KB
16 KB 383ms
371ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/secretmessage-gaflaquiz/trc/3/json?tim=13%3A36%3A47.743&lti=deflated&data=%7B%22id%22%3A860%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1701168873964%2C%22vi%22%3A1701175007741%2C%22cv%22%3A%2220231128-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gaflaquiz.xyz%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.gaflaquiz.xyz%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1761%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-below%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1006.6875%2C%22mw%22%3A750%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-right%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A438%2C%22mw%22%3A360%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CBelow%20Article%20Thumbnails%3Dthumbnails-below%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-right%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231128-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3fc09a130820c5e03c7c87bfa89446e32fe19ba35adbadf252616fe2f158ba28

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 336
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.9500000000000001
x-fastly-to-nlb-rtt: 13325
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-cph2320052-CPH
x-log-content-encoding: gzip
server: nginx
x-timer: S1701175008.764163,VS0,VE336
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.gaflaquiz.xyz
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE2C 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkP70XxO0m8hF7J4uSX6WPS3YtzyQaR7FGnAsZbLrPov7wpbdQDTvA-QtRyK_eAbJqI4hdljWj1AyJo7ayvTYKY0npvni7WjuB8bES8v3bz6gRcc4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE2C 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12378267314779064476&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FE2C 89 KB
31 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:47 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1474271/76103297/xbbe/creative/ Frame FE2C 263 KB
80 KB 153ms
51ms Script
application/javascript 52.210.22.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7GaFi9872j6ZNbAx92aWkPUe--Wk9NPGhHwpu5CyrxoPwy2W1khgTr3U_0Wr2H7Qlcrlr6_m98797kXjUpPvFVJvm3ZAxwO59GE-qxG_XuWugqAdvmskBYOsrrgsoRYS-RQAoCZ_4LkOtTZwUYJC8WH-z4oal2al94F2LCeqAmkPBQ9kET9LMDCrHdR7xnyzp-0-PXyB7AMq7xGxzhES8nQwTdTCiVaqxsKrc8znqKUgVo_wW-ymAE871NOuy_ybWh_xvancMr1yJyhNydSicuYRKStr1fqaZ72tSRq--iT5HSVWt5ewW784HJjFfw2N86u9mSTvFHAc7TlyUvG3lZoDj2fzSLgn6holYWzOfA0r8Ew2i0ic7babhGNQFhLDB8xWbz_q15yh5IOIKhXJWAGI2eRwfh5aU7jgBPvLoB1QWUtIHBwHY8GSqy4fKRyxGYzgcFFnaXHMPzyJ5M7LG61tbzW-Hj3tFiUi3Q-Y7pLbG5uySgkcJYDCSfHfi7fNbskceSI1BoKclHySTtXlxAJwk9YOHOIHt9zSgDpvnykK_Rgus0nEC0ZgUQ2gqwDxqKRmtwqEYDPTtpbBYHL2t4-n-CE2wgtmK9mjA-Ih0Bhvamyo0D0lSYWgGVWw8UQkN3N0hHlHPgDUa8AKRsBw4YRH_FBZQc6Lswn8zFXKvuHN9KLUXtWhigjVNJFWVnSH7bLYwWd09i7cYmuKb7Km_jWZpSo_zHX1oZrDe7WGS4w4PWrZbpzCK9f0BJAvfYgYw5KbWWYn_tV0W4io8w_pV7THtiKKi_f6-EmX5nrd33HYK42fCcUmG6gTNAiJFFUBQnuPXWriOZMpYztEJMtbDkL1dMjYvutZ0s3cOrkItninwyd498ZHYe3N8Ea9QgkzkCLQPJl9bruotV1D2sF2NM-WWUXV_8BA4QrFzCno49xAGT-_4Wm98zumnlq_kKe9MJm35dFPGsFOtywHkMiUwxf4p0AHPJJNPpAji8GPjafL9_1fhvulqUPHj0_eGqd-PYU1_JbnGgVZO_fbG4D87cAoiVxMmoSb9IMtsQxF93P9gi1RBgA6c_lLNC13b6JDmrjjLKuyWhy-SuKpfvdqhUHe8gbkxZ_kjnCzqu-6Mo4atHv2a72J3d0PbdlDK1ArPWlqk5L4O-cQjAsRr1eDFKrZAtUf3SjBx-EWb40N2Ni410U3ZWJNIixSv6EoI3A5qfLabuf0QXQ_iPv6r2OuRGWMMp92KOwveJ9R8hyZCdWZFmqKzQR_nGKHbhB7u5ywqokrU8t9w1K9VXsn15KsaZnBzohO4-Pk76_SP8Qh1vmSqoXcspYz6YDQ-lnEL1cF6u2h7v7hRzddpRyEXtZGKFCTDKraA6z9bJTJn2DEjgXYWCvIpioiaW6A-xjDYPCpghJhp3d1hhjjfi3Sjm1c1xA3Wmrj35LYyC9vWzBpBuG9VVgBPai-G95LZIBp2NnayY3wen7k1qguXkciDnDI3vGuUZfw7o6Y8aReP973duUzd0zyqRTv7gl4beOppS6mKubk_aERQVEC9Sol1HrxCVa6t4mki1765xQF2z9CEqBPg4iqWoKpPWrJbakNpNoodZsfM_cguglWas8KK9zHWxKQNO-25WJ6SwTRcO3SEQV-BPHnS3wFAZru0R7e1S3GtzK1SvpvjmcZ29nrs7h0dBYA8h7Ryx2IUXqgPG1DfNVG_UK64NL_9KStoHB_HJs9EhsgxpHoYBN-_Z6V8kTqmy3frs-AJ5c7qMXCNG6iK4TdDoG0CosoE_h9W9kEwyo_vHfP6cW9y7ymX6AIA0MRb8oeEr-_miPU24cJktnsk1-mi4Fo6fXxQ_ir1XPOwglQR7SqR2yEzBPVyVqA5aQ5Vr6Q4_Bz-rHkgKW1hPD3TfZ0OiY0u9i8ilAOsc-ZzEHqDMClUvJjEjVk-LRuh4wjz5VHB9rGqDUExSJIjTsqnJOLrH6rTQF6sYPuyVWs_UxvnKKXVNr5qQ20C1--_FRBPs5lmnkNQoLvR5yBfDa1JlxkECo2YtD98rsMSeC3Lo4_xSxXtiEZyWjNFeSxmf4P2zLtK-pAlaGoMaxJbCwoKLb6J16AOnl-VvJ4H_o7_rf5l8iqvkPgcNzUv0YUxxbkv4wLO7MI41U3juLQAAydWByt6o4GldOD7tCTmixhYwfsvArM1_vwL0PQj0-wgXM42X1HbdaSI5q5cLLA0NiAibR0JGxSGuHZ_Fv3O1OLTHmF4IPoWFDSMMURi55fiz-992DYFrhbz85x1RMN2eHUjIQUWSYZm6mUMvQSLnwSbG3WJzeHzm_B7MEQiC5MpB1XVbwgmhBSlP5Q6Np_hGt7QcuLh_T-zRhaj3EsfFMYgguOhdNtGt9dAvkWQ5LtbIQtJ77z816mGc4mqsGSUVtwy2CtHL54HkiMJNxADU_bmLn066-91LBRStuDTr6wOb5QdAmI3A9fkIG76n6t_QyRy7K04mKgLdNZB7_XBFfHc-ZRWiCEEnDFKIUvG1Df0S00A2YPm26MXJ0OnEWgnX3pXvV6PPMrLIsXrPUUmj2YCsH6cO47lqO6FVblNAX4aDCb4QBqebI3hBCqfe1fRwXlii_9fbHJ9JtjsF3QGGcUtGs1optSMtqxSdSZQR6kO9wYUJM7m4Qy6bTZPHtDPL3F-1YVA0BaK-N4PADyDCE1rNbomQ5oNpyE41N0Jab_hvyPPDd-MPr4gwDcOgzXI2WrpcN3gB1CnEMWzgFQ4J-l7wYrBBSl2GR7Bx83C7R0XIWROsAT1SyXzd7RYQUp8OGXUcbCX5oYzumeOzVTl8K7iHMDmJjcnZRY2ktsaMkpp0ZADMYUMEZNLmnfEFCbXin-MJM8XOKjqcAuDCIYJ8BGDLF9fSLLXiGt2MOSpj9iC-1FGpvoTAptWssdlxb-JHcG4AQZ9JoaUC9SK_c1YqMOZ4bPEE2KzHyEadlkiAj7tB6lvkynh_6nL8kePYs9MBV6cxhA7dWFMpueKkn17mxOutNbDykMlkcvVCVChyIqq-VgXI5mYbiiUgNahTpdnp_1MnkhTmFnAqxl2ekszBZPUA0WDND5KjhpcTIlkdQMN_YRMlOvZgYu3gt6wAayEgOShdVK0OIvnbjHckghu7FtXrQVTxvEeTzSH7ODg06fnIBRrUzGYGfEKEF0O2rvyOGawdMumuYVvNtkal8-Tc5Aa8LKyoy9GH29n7vZsDpxL-0BiX5JSMjicOE4ldCJoY3J0LX_n72skQb8Z9ZRxHKHykzUseQXWp2t97tNUUN5Y5dq0CXYViEhK2SyDWDknQigNZfdViBCqMz4zgu-5BtyMjbQqzCmIW623IIRdaqsMv7DaYlmqlBUSmoja_k2HCdZEhL7t9liCzRtGm3Rp30NvaTgQFKfajVzEVCzPs4lLsbNJpLrFmU6kHwlW6BRIeij66kWoiD4Yx3j04eekvo0wlCxFSIS9NMZf90-mhVjuJbvGeEnNz7j-5E-VpM0VxceoZtRH5CiTRsZfJ8dUvVlisVRKQBLLvR5YfoOEk3050zaCs6NGgenRKMh4wEF6wM5AXaO23K47pCPHHC138tGu_mxAm2w5dLlu-LMusEkYnWaz8AzGc7y9hZuoqKLMWWP9m9ADR6cO6HYCaiBckG1rB8UCqPOX4d185UX4T_HNP3hFrXIMxDOwurX6GLQCSWqS8cUjmfFUNk2gQUHQRpVCAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20118583893&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g7PQ8r_W1GGJQIOqhpKqR2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.22.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-22-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e0018d3debe59f96c05dc04ae1fe54e88a54f36145c36194f544460bd1dc907f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FE2C 3 KB
1 KB 88ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FE2C 20 KB
9 KB 81ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE2C 202 KB
64 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B2E4 624 B
246 B 64ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNU9mLlbcfJ7cJ4AgR2p4_kic_PHLw4QMEtcX_xPVx1TCAWhnzlt_hTDnRntzDrkMM_ztRTpaTogCvs5T9ygjYOB1k0UHtGT64CMIJ_v6Bdhk9S08xzHnnhuFx9xNYw8SOkPQkVFUIpFzBynxByCszUVy3tTi1M9qnXn0ik1QNCUPbaE2lg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:47 GMT
expires: Tue, 28 Nov 2023 12:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2796 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A44b96V47uhYASKe2WQohx--4g0NWKNHpVoMxIyAn-NNEormDBHlcHmaPiP_VR5S2-nznUz98fNwGCyqoJMO4IPgdchc_AVBUZcDIZeL8J3fNeNaE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2796 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5974193147930523099&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2796 89 KB
31 KB 141ms
140ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5175 624 B
246 B 63ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWron_z0rnM8bmkV4XK3N_l62yA0iEPKsYJp3ZyalIcc0QgDnx-hIou57574Fazsn5KHG6af8p3zp5mLdTge9XQ5acqcFtvSAjWFKHAZMrT70WfNrdxMMFUFi_Sb271zR_C2S-huM8lsKYMVKVyupyEpYuo267q7oK7cgwuMilho46rXdE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:47 GMT
expires: Tue, 28 Nov 2023 12:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2796 3 KB
1 KB 92ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2796 20 KB
8 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2796 202 KB
64 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8J9SC9WB3T

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-gaflaquiz-xyz/vdo.ai.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2fad356b2d5119336e6cb3297068e4e39a9af3f0908ea8386ed09b3add27b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93737
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:36:47 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-8J9SC9WB3T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161442750-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

495f4c9c2cc9d2ea92326d9247b9153a70081333fe635c95514181ae261c3d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:36:47 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 340ms
108ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-gaflaquiz-xyz/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:48 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 14 KB
3 KB 143ms
61ms XHR
application/json 2606:4700:3038::6815:ea92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=gaflaquiz.xyz&tag=v-gaflaquiz-xyz&domain=gaflaquiz.xyz
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-gaflaquiz-xyz/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227dbcbcfee239493cea1f2eceebf923bd768a4032d0af10b370dc35f4d114ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0oQ3w9IAN%2FXneKRsq3Wk2jv0oTvrpdSGw5cm6BrlfOqIddoddAuij3muAcFjYRnOFicZbJ%2BJ06HHunx3K6NS7P6qSavBhYWNqnsC3%2BZ9sim94shS50IGdR%2FrwNT1qLLl%2B5oiHoTdIaxVaADVcXf"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: application/json
cf-ray: 82d2a8982b2666f2-AMS
alt-svc: h3=":443"; ma=86400

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B2E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECeYd6GPCp8M2aG7ItULUWc&google_cver=1

43 B
328 B

51ms
50ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECeYd6GPCp8M2aG7ItULUWc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNU9mLlbcfJ7cJ4AgR2p4_kic_PHLw4QMEtcX_xPVx1TCAWhnzlt_hTDnRntzDrkMM_ztRTpaTogCvs5T9ygjYOB1k0UHtGT64CMIJ_v6Bdhk9S08xzHnnhuFx9xNYw8SOkPQkVFUIpFzBynxByCszUVy3tTi1M9qnXn0ik1QNCUPbaE2lg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZfA0C7nwYOA0URgxFJzTYnCmyZFhKHciRNUMsNr8IHPp2luigcwcsOR8dq254wUIcrrMIuGBmRS7vYsEXGXbxEThMdEM49Vb2Rk%2BfgYrebEYnj%2FbpXGs%2B7U5MT5bkPo6Ev%2BilBLRifDxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a8989fed2bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECeYd6GPCp8M2aG7ItULUWc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B2E4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
730 B

66ms
65ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNU9mLlbcfJ7cJ4AgR2p4_kic_PHLw4QMEtcX_xPVx1TCAWhnzlt_hTDnRntzDrkMM_ztRTpaTogCvs5T9ygjYOB1k0UHtGT64CMIJ_v6Bdhk9S08xzHnnhuFx9xNYw8SOkPQkVFUIpFzBynxByCszUVy3tTi1M9qnXn0ik1QNCUPbaE2lg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khe6JAI9aLs5sO6xtkU9LTCIr44VNhGBdiZWwKQEdsQM06XtlWs2XX1Wi4jWIYqVdEr0a%2BVXZytNkJt0ZiN2ZQy8ir%2BD1pdPP6bqu1X2zRqKIQu05q0db84jVH34XohR29gjE72EcDTsBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a8990ee99bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B2E4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC4HkPI7lmrVGjTrkhmZ_v4&google_cver=1

43 B
845 B

29ms
28ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC4HkPI7lmrVGjTrkhmZ_v4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNU9mLlbcfJ7cJ4AgR2p4_kic_PHLw4QMEtcX_xPVx1TCAWhnzlt_hTDnRntzDrkMM_ztRTpaTogCvs5T9ygjYOB1k0UHtGT64CMIJ_v6Bdhk9S08xzHnnhuFx9xNYw8SOkPQkVFUIpFzBynxByCszUVy3tTi1M9qnXn0ik1QNCUPbaE2lg

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: a246f519-e3ee-4917-a6f5-4788cf9c103b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC4HkPI7lmrVGjTrkhmZ_v4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B2E4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

170 B
243 B

35ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: 217bdc2a-b662-43d5-a928-458a53164b31
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 5175
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
335 B

37ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWron_z0rnM8bmkV4XK3N_l62yA0iEPKsYJp3ZyalIcc0QgDnx-hIou57574Fazsn5KHG6af8p3zp5mLdTge9XQ5acqcFtvSAjWFKHAZMrT70WfNrdxMMFUFi_Sb271zR_C2S-huM8lsKYMVKVyupyEpYuo267q7oK7cgwuMilho46rXdE
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NGp95I16wRWpI6cmh3zK5%2Fc3zDuJXC74t3ey9NqTfPg8OmuIQdP5r6DW74xRPg5i5GE4lqkX1P553DlAfFfuOx8wZ9J07TVngbpcEOUHa%2FBixF4Fw25nfqWPMd05Ddbm1JRX3l19SFXcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a8989fe82bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5175
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
772 B

47ms
46ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWron_z0rnM8bmkV4XK3N_l62yA0iEPKsYJp3ZyalIcc0QgDnx-hIou57574Fazsn5KHG6af8p3zp5mLdTge9XQ5acqcFtvSAjWFKHAZMrT70WfNrdxMMFUFi_Sb271zR_C2S-huM8lsKYMVKVyupyEpYuo267q7oK7cgwuMilho46rXdE
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BCwItK0fTvBh%2BaEbNlFENoajtB9NRZh4v%2Bwz72%2BdALyjoAmmWGSHPi8ZYRCrbRUpLeNG64%2Fh6KoydOoqnIuSpma1y2y1M9rHWRI6rifJwTBjIxTq3HneOX%2FFkhgAIxEgs7LuKpPJKp3YA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a8992f099bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5175
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

43 B
841 B

70ms
69ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNWron_z0rnM8bmkV4XK3N_l62yA0iEPKsYJp3ZyalIcc0QgDnx-hIou57574Fazsn5KHG6af8p3zp5mLdTge9XQ5acqcFtvSAjWFKHAZMrT70WfNrdxMMFUFi_Sb271zR_C2S-huM8lsKYMVKVyupyEpYuo267q7oK7cgwuMilho46rXdE

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: abce30d1-4899-48f6-a8e1-6bfcf6b8a69d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5175
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

170 B
232 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: c543b115-06de-41e0-95d9-5a945b32ec48
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame DFF1 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DFF1 8 KB
1 KB 78ms
28ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:21:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame DFF1 15 KB
3 KB 70ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 08:27:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame DFF1 376 KB
131 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 11:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 11:54:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DFF1 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8J9SC9WB3T&gtm=45je3b81v9116829475&_p=1701175006950&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=344698243.1701175007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701175008&sct=1&seg=0&dl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&dt=Gafla%20Quiz%20-%20Love%20Calculator%2C%20Friendship%20Dare%2C%20Whatsapp%20Dare%2C%20Secret%20Message&en=loaded&_fv=1&_ss=1&_ee=1&ep.event_category=vdoaijs&ep.event_label=v-gaflaquiz-xyz&tfd=3655
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-8J9SC9WB3T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 83ms
27ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8J9SC9WB3T&cid=344698243.1701175007&gtm=45je3b81v9116829475&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-8J9SC9WB3T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 96ms
45ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8J9SC9WB3T&cid=344698243.1701175007&gtm=45je3b81v9116829475&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1844211309

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE2C 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1051385107240&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE2C 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1051385107240&version=m202309260101&ct=76&x=1&cor=12378267314779064000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FE2C 16 KB
12 KB 208ms
208ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT-JxRXXa7i0Bfz2u8y06Fe3H9EDgIKYcUSIY0h-OMiTf4BVEaU6Z_sFzgXynMvlwiOr4ozrRoTZHWEZM7FXInnolMNeDxvsOtSfqL2ggSEEygsTmfggKIBbZ2yWtb0kHuf9hqz0BqKpuhVdI6igtjQ22zzoPTEA8b2MICpRuByLyOLYg&cry=1&dbm_d=AKAmf-AH2UciWHCfucUv48EOIiccqWO4glXy-tJrRMLC5gD5_mTABsTX0pX7AiZv2EXiB3kJFP0njppNXbIfMYY3fYAGJsgrW4JV8g2-USh_tyugJ9YvF8zVrwAlH4H7hhRgckNi8WsjrBQ9PaAcLYYiLYzy0S1ik-MVAmeyYad_JY6-97tckioNw8FVfqh09x1yJNPfdxwPAHZUd3FWHfooO04tHMwQSeHIgtA2AVO8BOL191_QsymHZIAdi_tQ0scdeOcEEEb7RMiYV6QjIDMQsoZ8YR6ANOZb7m2vhh2RXQ9iikhUY6_OWDaylk6mXjfo23JpWer6TMV2-outhHxhYGkz6k3BSKOK9AQFz8OWiOy-gD0t3Y617tYE6PRbYp2WZNAUPugebPRuGVN7YXWykvF_Z4LAHDycF6f9w0eh00aWLi_yjZGYOfz3Oo7kglgB3Ghb4szDhdd2et23YIaVMgzj1ncMoseBeZ9m9Qqcfq0QNcxyPlHNblpMRXkd8Zp5sr35Hpr-zuL7N7novlm6UpJ-CNewBamotoYdNzCJUMNJ2S2PHC-1gfEhyASXepnRxvBrrvrZmmyKCdV3URGlAjf3EX_3VJFom7Uqk1498YxRGTuxuyTlCRcs8-YjNr9GmU4D3LDLTjXkWoOtLEiRatCNW4m8OJqTxtXs7nvldAWzjzIMwPpth3C57tmzX48Bq-ki_GUZHcgVnz1JiJRNifnKm_OpKOqfO5oZbspPw-xnGgrzzh0HlzvFwFiwvT8THGw_Rwf_FKdLCffQEx4tW_JFG5V_lIJobrBoD6kkCLXkik2ZJzndomjy5GD0q99IR4Me-1VMu7RS7mYP51g2mrR6nkUNXIWQg1_vQWJ09iUVgm0GWCo-MLIQNkMr_LOTwTVtEsHJ3gW-HMT9iR6sf9Wyckf0F61V1l_KdAqa8_FdJzfDHPoWRrFZmesuy1McHV2lcJHBw6Fis4mYsYZyAFjpQNkE4s4x-Nz4ZqIQaCpLndxjyw06IltsIbNSGlg9nPJcT2mcWBLGgPLBjd1NYV0484bfN-NrxZ7QHPVTA0tNxTacWzJpXGOSHXH4tail_TlWblXjGM1bP4xoUEfuALvCiLrmhcw8nlUiO8W2poRWtUZwza6VXueTKHKG_hNUV_HJf77LsZ38iVwwOBzx0yBajy0IpxyZ4ouu1SRXOCPmXpYGg1BhLrVgFf0FvLJBewEv3sCB_7AcF_R5-qZLsiYFfVQErSWdF4uz5_uJgIYaJtSRIBqU2KdkZaVC9jdkpwd9ponRJZ-yJNaprBaxIb63SLGOfofsc110J1-On4panpBTsiofhA7RRohJkcxbM2EbD4UdqnmQAMIPVgfyL910v1AgEX3baK8ayMVwwhyIX0B6FM0yiipY9BMNEjmC-OCAyxpKWWLZACCSCio1ivVKD_7FFRniO7dszsjgnAglFme962NbdpOgW3YsMTpeksL_un7aHIyHhr8w_64B8Vkqmc5i8v12GdgVp5Tzqv0nhIGRksqfcKORy0MthFYwfpJWE96aL1TN_2ynweMJpua5QN3YaEifZ_aNLnZGDZ7sLipJETZzisoXdGiHuZkxy0EK67sCdBC9gbTPvEBl-JwazeHPp0oiiMS0je6tUyhDCVp05EDsMpEcQdJhznH8bFaylE6pK-mDZZwGcchvUkNzOwfElrpnqvxpFiYR1NlEZyb8m3L-7d1R7ICvoKlfKEqkNAF4ipNkG7Yf2c35CXmAIhkexaRhfxGTFl0YKLuHyKYqWc965gCL92lcmQcdF4yzHbtLI24zcKrRFLFC_aeOFdlr4fd7gBh8xkIh1syjdIWLXYe9Ge4MG8_tLV6WhNiFeRajFZp9p76PKJW6Ij14IhAvhziZT8U9tJHBUDVrAN70Mq3RpIufi2AIe8l9JWueVHUtbn-UWsVlexkk3AI-T_xWIDQzcQnQ_meE08WvQSAQMAqK4Gkpk2WdhZEJ1r2SJoW3BELQ2nxjOO6W1T4Prog2RKRJpGBL6WHfB2rmPVxP5RzEF3xAuXdJmYceguh1F7GoOYmkGBi14rnWPyjlNXGyfZNH1lypYwTVbpPDj-4V6IU9bo4tw6aGLhKLQhTdb0ZgslJ5wa3J-F3SgVYgQGV-Z_eJo98ooJofkq3uhUTVG58d3oSB2YZR9SocrSGj3AN_-yaLxKxcrCHTeARs3F1CC2xPG58pGkdfcYRGgkqyflds3V_WKRjSjhvA2cmnnXiZF39OZUUraC70L9OizxtzgOyLFjJTX4ZvHSMUpb3d40eOiHkY7zT1KajaDPUJfBKQ7f_Wb5lHVaSPdbrbOX6u8INQfAs6PTo5rnMTOt7UXBV3lFCJIye3t_8J2iG0uvs8UDleg12ap6_mv1jTtcqUeDNfOg6EfCmk32SNwDkE8yo8XAew_nNttaz9fhF1vRIuQHWFtCq3MPG5L4ybdxhlW-KH_AmGLwA_r9CPZmWrX4KttB8PoXsDpCK2wDFb5J4vbgkgLCPDljHBDMMI96MLfV7Nidj3CmyEJ1ASiM6tX8p0D4Yvkmh2LFBlbQTavHYcGN5qEf_FKF-WyYKhABQ8kJDtV5gnF4rQjKG78SiZl01Lh_DJqKRLsYMMpqk2UK3gVcqLlpUyWQbOmJEmYcHhbCLu2-NjrisTpJPBsjDbhSIxx-AtXrOKnIGyqbj0k2visHlbBccYdQmIUDN41UCe7RT-OZZRgKryWux_IC5yeMu42lyHKEjAETYwLctNF3ZijzZv1e1bRVKXp9dIP7S-bWhVzE_Qpd-RsbX9jJ77Kp1QvEhzN9SPKdzq1eaMEkwUEjs_OwUQPQZtavKHOEEhbIdqviIcrzhbqaQ3vD84JMWEzA6SgxgFs9luxqKoeu8_zJ7-RpPlX0gIcBcbh4uwkveATyc2MvxoxbZfWzSUsr0B_6Z7Bbm2SONOBOhucI-UYmw_RpokVEWQEHNkkpzgBojAYLylHbN_dTJsk54XPx8hW3Lb809I8A0jw7vdphMee9xDLkpzturaEKl_jfVUwQ&cid=CAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=12378267314779064000&adk=250412560&idt=118&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bbedc12e70ce6525551bd9f209384160f2c4ff68a6fe6e3ed80daaec1cec8c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
31 KB 122ms
64ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-gaflaquiz-xyz/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d09353b5e1b06bc7a9f599b918ceea995fba474d305ff92c099501532027bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31497
x-xss-protection: 0
server: cafe
etag: 770 / 19689 / m202311090101 / config-hash: 14304527152125756990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_dev_2209/ 681 KB
238 KB 212ms
211ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-gaflaquiz-xyz/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e83728915097ca844c7ae675c20f8bb58799d20dd07292d813129f592984c1f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 Nov 2023 12:55:28 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSkRMzRwRDikfSva8gEiDWCKAcf6VUp1J0zVL5zx4u6Za7MeXC6czFAPJmxris4WIgRf61O1azGGlniI7Q%2B2VeOxZgmpZUQpdl6MMf%2BnrrcdO4A3sqQKEIaVbPTGbTxI4Tod6WUyyg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 82d2a8992b7c4060-SIN
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
125 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-gaflaquiz-xyz/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128094
x-xss-protection: 0
expires: Tue, 28 Nov 2023 12:36:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2796 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8213720441912&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2796 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8213720441912&version=m202309260101&ct=77&x=1&cor=5974193147930523000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2796 20 KB
14 KB 217ms
217ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An_PKAzWdcjhiwpW_SfAI2-_JkL_jmF1fSAF8kHFMv_M_pc6HxZSH4Ph5u2BR_hj1RVg6ELiKtwYJ9--LotPTpGGTqKNg80boNyo-xWFQqxizukL5aO51N6eNNjNn3xr1jegg_Czv2c26CyE5FrhpOIPZ9uDS6X7SJpucD-4t6PUgC1fc&cry=1&dbm_d=AKAmf-DFePaC72kWC398fo-nsAzdB-H3Zge4s8P65l-ZX9LgIkfZ3OC-Q1Tw8YGDZmWcfu-tTBm8P3YapOYmfqJ3s8heRQNbqnbPO8bWaIX9tl5qFATBKevuKXnUPgtHO0fmys71QDIwI1JPrNlaUHiM35DeFoO6s9lA4VQmw1xYHUNDasgJ8EBHI_xauicvGKg9cI8e0xvXpY2y8RiUpp889HR_FhjmMiVNt9tbgaL39IAcgQyALXxmts-l-ohIDkR8gViTL1T7vmLwgTpZ1R3H-l6w-gS0x6_Jija-W53MwRzZF2fpbCltgeAlLe2vaaIRSHWDyWB9ZXDjp4OhqqiHS5Pzji4MA_RXCMaK3s2Wfjtu2HM_heMLKjz5_T2I-jPbpNsbQrDjRGgs5L64bpqx14Ph8EwDMPAZEAF6EjSO_VfN_V63zDzgtOfa_95olC7thWd5yMciHHxqIk1rcw7R2GYKlqLndA6_SWNgYmL8PeB7WAyS7T3QI61X-Set2CpVG6qTwsjwxSnJZ33VezuyPuWvdjhlZi6i5Tl8ViNG55bcimL2VExSMTJWznc1qdx9x_qtjp0q3xQbatpvsU7udmE1M2OJUSG7qCefwyyauYwF1CdzXBhIxdOraiZkpSSf-7qRZIqvR2R9EVOImGGaXtHG8hQPcYBWMPc-eSYyKwSMtoXaB1oaNLM2kTi5iL8V37qMs-VxU6tEmEnSrQVX5wuT3ecLFxVxkx1gbMgxqBEhSBiwslbl6TdnqcBdJvVHzTKpzlqMPQ_UYzCop4ndlbLrM6n0fA07-UvH-nUf_X51Bhx_Odk0VLJgBFhvRZ-_r_er0sA6OPFE8SggKKLXY_4UtDWoCxDx7ioUO97PDGZmsq5Sa_MNLQw8dqv8cYKYdqKD_7zIqM4B1nI0oI0wYCwlvYaBcu1_-xUVhUtfRUd0lem95_fC_u3dbitBqcVmc_sm5LFmCZvMzrFv4zik5JmJ9yk4y9jRZDzGof4tq-3UhWNFYS--_Mu7mbTPCeP6o4qcSsRrcJWd2240g7hk2WdL6_aCTBPKdzu6PBKeJpSxXO2JQ_ZzGy0Ji14r1Bk7TcBEQIFZvcOK8umThZMXqueqxveOb0RDJBJ8mIEkTOxiUeoHtcGP0dSIXakl5Cil6cnjZvNOz_9Y2sCMnKpUOvPfjT3MNKs0MSZ2JGi-Tp61DMf5nDb9jNJCJ8A0W7UsXbISSsZiQTtbro6WJJD0bp0z9YV16t2EKtx2pXiniL3J4gWX35fX6DAOOy85gNYgXNz5FZquVbwWjf8cFOFkaBohM0GFCjCskpo7IhTz-RCUC7_pGuml0p0FxDKULv9Y21tA-TvraR7heCAzoD80mysBGnVY6DjL13S8fnSJcnCpCCxiQ-C_GxlCGgMgbqQ7moipjeH5qmQdJPVNIvWuCSQOggGgvl_t-LdZw-UgD6d2uHf4eMYrkK0XIti22krVyHaJvx1G9YiOhsv-kKOL6KiqBY4v6NCnYKqeCGPeNj_hObjekKGXeSD41fkd3eOreI5KF1kfz4bsMQmlZgAVYU2i9IkuYez8wED1LbmFhud_P7yJ95BXOeroBCxPLWabnuQHg9TpjTMfEEnk8MegmT1HsrXw9-_j2UL9M-Vz6uepbgg2pHg03BEM2IwA9uNZjCrk2gAkZ-MJnZqGwHnbTw_KnPBR5pZhGVfFRcrqQddofYcHJxpFVC_BD-FCN1EKN9GlxLsm34vHDmJEJA2pWI69uRYebSPPBk3FtejXzzWEsXlL7KSe_ApfqkOlRT_X4Cqwu6bI1L0qC05navn0i1T1LY44rp-FBF9nBnCDRdFvYOW9gS9EWQmVbLn8hQ_xCpsPqxPq8HNWN6nDINpAOvW6XhqIJWupIGBPRQDzbE7NKm2NT6V9eKKXH6Lhdww1ClEh5keYiW4RD8VNE1UciRyFcrr7gKjug02235YrGeb7TEi9yKhPfuYgPINc0HpdafspjGcLY18vXiVaf3vY_jEEwVB1wrcRVOMx027xAqhHki3rgQ7LjDru8hvzyzHX8ad4LzZ_ff1YuxLS--TVUqySdUADmlGmiLKKQ_O6b5fidrxM_4y1YcHAKOxcSlfrxPH7Cf13xaunjdeVrbHm2d5w1CNwwad2R4vLG749SG-eYKdL3fNhKTnHU9At-dEOsN5ctX1UTip0h9wp4TdNS6CB-ZcIQZ9_76Mpn4oLFjTDqWuEAVNHTAgFG2bVXIsTe03rs7etp-ip9TpCP3SaK5EPDWbsRhCgY0omUdh986CF4zyEr7NrMGjmzceRXgxMf3qiRiuhO2OUZAt6ROvCfxnsWKGHIKv4rRfIhlOSooxoS_rNSzG95KMEL3K9oQ0fIAaDICHuP89D14s4BH2Xb4ilrDUb393Sch4Q964-DtkcowbuOQmZwBeu99Wsl58n8l0OO0d_tllU0TkXxxVno0ZJxXrIrwmco8scv1DQd8p3P7Rykf8VpwqEMLt0XvBCKN7HeCE3uTE2bgy6gCmCHwM4sqQj2PDW2CURCEaehUtjjsv5TmHf-x_DVEIIG9EIk6GdkyspkPOqjG_ljaiibISdcbJ4nF_EQJ9ItD1F2kZiBpsnHMCzLocO8lYqSWsImYQU5wzsRdeq_8gAFDRrSA0BTRRYQRdiHx5Gkk6RKy5-82OsDr7RRcVIb3JEN_LOeZfJoP9lknRa_yyrR2JDuShG0qHB1cvqxsMQ_t3S1wSEFA7dl3Zdfs5oFH5tS_8p2NpR3p68AmsoUkjdkCFsrYFmuLl7elbz1pZvJYRUrEEV2xYSSzCqzfpKgkbsqSoR0l6pkOA23cq2PydMtWG0LZX31aEewY67J3f_aEJkxk6vFvMEncsL_0uowqFMsabVpJdbGky4O1s_wRFn6YARMJ0IszzumcKc9BPeRG8EAKXDROOMVvVGKku9R2kxa_KrV6GTUaniGBkCbAgWnB11T39rr3SJ_JhgbB9n3HhrocDda8xCsWcp2rEPgyf3ZqeDotm5aYdQtRyTihYVL_hQ2E63b-YJ38TMEFL-7_7y88n-om3vtc0b75zS5St5c03NQ4buOzcVDBwF5YpAfv8z4X96nz30HSm1gfM4C7mwC_Sj0CJmlpAp4_BxS7717dPP-AKC8V1DHwAkPbidKUdOLYfamT7T0H20nDtpAPCoBR9Jgjk_OMrnm6tu7XrJUZta_IlJt7DL_WpfaqWrhGfYDA3BDTkgBpAnC5-F5dL0E8iFEIK5tEC7wwih7Qpe3lm6YjrbgYN8nPdCOS0tUrxEpuwOyUnG5Sx7UB8cRLl3ev8z5XACh3eZ4wS1VLJc3hwIf4b5VvW0VwIGwkMwdrczSD5nyjry28EuRMyMfbycREA-vFUIu0ukxh7zwdCfXecVjP-DwJAX9ww4KVRojp5Jbbo0_uM4f8-geh5VFya3YHZKXUa1adSJW7CsJ57v2WrJzGDDdvCd1z3z9WP4NefNrR3Bhco0eJEBy4dcRoXebz27oRfThnxs-mMywbTeO3vebKhSa2DU1PenUvuhPKxretcFpy-9lTF3i6RN-TMu5c0jNrplnv2hqbzLgu9H-3jzvtn7DZ8zN3Sl6-63JybLHAPg4Imx6E3GTP0bsglMh0WriJNkgOOPOrAUgJYs0XKnd1tBLNC8PZNF5PCOOUFnmRlJBF-0e-BkGiZPfWl-bOydKe8usiD49ZnkgW9HmYpqv8-8GbbZGsV6UxoCy3nNGe5lGFoVbuWo9Ou-5tNU6gPSnTvWBEY&cid=CAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=5974193147930523000&adk=356101037&idt=150&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6da39d7016983da78b0cbb621d5d26e753ffc8eb7185f3239aa6b97ec64c073b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13911
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

447070c93425ac71ab73129ec57e0293904deb6fab9d7798c64b99fd0369040c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55796
x-xss-protection: 0
server: cafe
etag: 3093583423428145136
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DFF1 0
234 B 127ms
51ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpibod4u&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DFF1 15 KB
16 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:50:19 GMT
x-content-type-options: nosniff
age: 315989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 20:50:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DFF1 15 KB
15 KB 73ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 313866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 21:25:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFF1 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1701175008131&ai=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DFF1 0
54 B 119ms
51ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpibod4z&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.km&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame DFF1 26 KB
18 KB 137ms
63ms XHR
text/xml 66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BFJ4VUb7lQVNEapv5z1WiA9H35bUG5HqsG5-EYH2WX7kTY9ZP9jIXNBOneNRLAO3dz8wFTRViRWO-etr94NyP2uD-s1Q&dbm_d=AKAmf-AmcMDajhy7eIjVp1LR9m32wimNOrKlZL_GFI2c1xrOnkTd4XRKMIYkuLblGeDYmrJZi8pXSQIIYveEyrX9BvPjesOp2sQMu9OqzqAlQLTsFJQiw4eB_w6RhKbvhWesVT6MnOw0zW_smj6aMlWidgKIjl4qhhMZyy_OAOrxexNUZq1Ql2JswWFRA-hEBMrHLN_fLm7uYy2EaJWnWry_VTB-P3Y-XM7o0tVxiEUhOPkconMGjyBEFl-VlpRbI8kUcjBtMV-AXghI5PqSLSqjiPEtlWMiyEcRuqbMCthlhBGWiZPqRpHDc4-TdHpY12TpSU8KiovnxyXe-lmRFc5Pxj9E47SzQm1ZjTS1O6raZK3NA1aYrvhslw0cP_SzB0ruqrsUWDB8Ai9BJ2FnvOSL5SDq4y06WTe_HuRjHygCinigMGmMcjamTTyrs15YbBRNOPz211YK98cB7X4ylmhhTyD3lQkG9o3ys4V7qHgURGdTczM5o7ge1avS_w7qiJSAk-iDulmM1N8A79DSYv670Wjc211uFHb1o7BYZuV17ljFBLhaNUKMCiUgxTcsNGJdinf7LOchWraudA2T1YaMkVYwYt2blf9CP8OofRv_nCMYgfw76UWNjbtyqoQ9TM5-Hbx_D6aHB9NujxJMn-mqTkcejkwz4Zwq4Z5Bje4v_grklHouTj1H7gVQrQfvaUNj0ks8BB2JuKcDv7jG3KKX94_XqgtSUYAIPCk9q0zhkmt6lfxFR5FvUUvdGseUce59NBZQJSmIZV3c57_qVNlwoN9S-NyM5ppyv9CE-IGfFo0bcYqZ-59Z0w9M2etzo4794eOOXah3od6YtUdqEu_ikVL3UV8j3l6tVsZDZKfJCij3i-XjaFn69C-7-Aseta587wCUMpY2EO8RmUjUPlQOnImUdBkaEH8RP22hnXSz3yOSk73Mf7LvcfnifjLUBTOcJKlfyENQPXFn8d0Sym_ieuPV2clSQHv7EgLRUNMVu_xCGLQcFwwBfYhWepnWrfgCk5mwOy5d6DQDhRznW2ZSk8V4e2jlkojil1eFczk_BOe4d2BIGx0Plhazjmy3yXJA7C0a-XUClc2tloWPcsTOMBnxHWyMGjblc2NUMULLgfufwhcFfrMpfwAgP_K1gsO1wrA7R4rEEmiDXIHxp0a5QCl0ZuOLmwLpyVLVRPQt9sCxTk5eGqCfyEcZwOppsicJXvfhxlXSzuTRsizfqbkc-1VAgjdF3LmI4nDr1geUfMGXJ_pxNa_Lf2o_lLKIUmZ-5GCHrkUrKZkjPSH4AZZ68Hbe8q2PfG4rU4amNMzNiWRsHuO7eoKcYJBA24NMUOxC9Ln-zQGoRyRR80_I_9im_EkDD_h2lS8VJsVJ2scJOG3Y3u24EaShz7yZINvwg6bGx6ShPlPxOsybpA-0Sye8WwTjZBBi3oeTCG7QCV_qlTypGhHVfdaarrLCYSL_oQ5BqytDpO-Ghc3I779-wSYfMKOaoaaDfp1Ftop1kXG_O5dkdPeRSisOgJaTYLVd7YgN4pEkTzu3El9bg14JaLpNGmzsb-f-voHzWsBHh1UkYYPydKe2mZQVNjXavR0GvowNoA6WFCWgGgx9Rx8AAM_VFgtZALKIEnKkSfq2qmzL5wmMpRCNRmEjhyISbfUzjZlnQQj3-qngA_uJJWXFQyNI1UekB8ObIgV1AoRKCGOj5SsgHkU7VHJZdD0rhU2-8WFar3T4EUNHE0eym2eOksOS4yrBkyvZCkMoDhVmuzV1chTZzn5YdXYopRgTB3ewI_e-UVZ_TaMwqXGuaztsLw1GvZXuQf7mG6IxDo0LLaiAqUYdCLsXfT0A4tdEsI42ZdMe-2Vh8PHdcYecYDU60iZ6apsNPR61NFbnPQYV2aD7zi06J4zRwn4c9LS3bhK6xNhLt-8DMMZDr2b7AgQ2TafBiCNuUcrO9w3mj_ZiadIAN8h5i_sF2wx0yV8WzC5oz9yfyfFa3lvb6a7INYlSh73RuVXAsYhsS01uQVyQDo5qLuK0sPwXAVpDFf02ncz-B33p0irt5d8gpjvphDeABljh_sImVAPpkggtIciN92BS6kLxHCEc_9udhNSTD3EjKCZZ5kMKSAuj_HYYgt2wheGax9kk1LP63N_oxbY3n9nn0dNplsWHdk7iXX2F72mhPzWAF9kPCxDEBJj7gnN6EuoveahUOrGH-IyYnEq-cbByn2fLHkls0QB1xYR-tNx62-72bELOri-DT0ciZjv2x8e-UdhG4htg2LBPUuhkgy-t10wyOmwaY2D3NtXLpP6gCE03DdA_9V7_XnclyG2Nc-QaXtbRH2XRCRCbEiJ4x9JE39Xus2ajo0Xlf8IGhR6EtNwsLL7b0EahwO_Pz-fkKqNGbw0u3z8KUKSxJso4orzYX4xwk-E8LNHc5jdKOQBmnKj3WqZ6haL2z6LKGPpwx9umx3IWUjN6DoSKazKEo2IWOTdHgEDwsUjCtYTIu5y6FwRsaNI1_2hpq5Vz6dqS3Q08EL9aHUJ7NzFy6zLeIRVN02AA83-Y0O6--BFmZTXFfEcYnehZvEh3S1pmIyypZnH-oDcQiYzpW16b2y7wQzjKsbT5iP0mDxQ9hKhc3jcHEo1oeKS11ckkO1k6VmSjDaXwgDYF-YH-lL3UjP3BPu7hCE8dYvoZOld743vMbNHAeNajszyilrhVVupofrrQtyyGM1AxCWNgeu1mqRo0GJn5-lSrlfO8S2n74w9AGT4Z-gbNw0f-rFW-k_MwV2nWiYJavX9sRZKYrFbs68TIKvDWQ_jSkiXqzMA30GUIFKqm8O_0Ds2J8TkDRdZmAWJbGH-cBP2MOZ2nBrtutq3c6Lh1G4UkpgQ-tJJTNDImPxU84QZvO7YQP9MonoDYF6L-tW6IwOGTff0e8sIuLYVaTLtKjzfpoEBBYAVSclvZRiGp0poskN8h6_9MtpAGZJZzjPPhH83TLpNZ5zhscRsJDQyEAi6jriARAJqSS3gMdJUMaeBrVBCbw9mrekfsvlPu2jOervjsnYV0qktSqO_KMHMajzNrg0wBc3rmyXvLKAiYKxnj8SldQj0wc0hm51rJzWgT8m_5F_5KzflYnMJl3PxTIhZ14EavGAlgXoe9U5KDL9v8oHnxKcrKsdHacNPvX3n-Dg7I2_yL-pTLY2EecKzSrPCpz6gE1doPDPdEWauPl_hjZIaWLf_Wd0_fE6JVWaRyUI4Xfk3s4_KLBoiMIHJ_gHimZrRvdWSQJPP3AqHVFJDqu6U8PKE5NNM0WMtzNhxAG5taGMBl8EUUNY2UhoSWjBL7WKJRS3bfwgKk9bhGDGapPyH9eDxrFi4cF7zTnUmce2ycKWWNLb5qJI-py8I6HQnErV7fTU8LBsT45_YkqhSFFj_Pwe2ESbnvhe0qGzodBTJ8ZvpRJZimvUs3K-S9JAG2YOtBy1BwmRqW1Zi76QSLBMArmDglJLNTzqOXpaCKkdsKZHwT885xPQ4cBtUe-ChZIulFxyEnc5POAK1a4Rn4sbENYUptklZI-Z4Hn8s6YWJrsBmFxfYuHmnLjp1tZanhVDYQJtdXCEMmO2wLzphKdnJoHEVhm5eLTNcKtpOdxr9vGNbJkofS8ftxykiWMf70Q1f0N9s&cid=CAQSTwDICaaNDuaLwpJwTXdSky7GB9Rm2iHqyb7sSZT-vWYTMgcpxgHLLlG0KCjQj-S5C6X1mnp1QSeoEYq3SQSIbByE37R844SEOvKr39PCXw0YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

cafe /

Resource Hash

f3ada978140a37cb15721509aab828a77aa974e69b66b1658c1f0056e7be5228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17433
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.6.1/ 118 KB
33 KB 134ms
42ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.6.1/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231128-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7577537c77e5b09f279cad612a0db070908e6c02c7e744f25e40cb9a6d04ee21

Request headers

Referer: https://www.gaflaquiz.xyz/
Origin: https://www.gaflaquiz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: AMS1-P3
age: 81114
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 33505
x-served-by: cache-cph2320058-CPH
last-modified: Mon, 27 Nov 2023 14:01:09 GMT
server: AmazonS3
x-timer: S1701175008.266287,VS0,VE0
etag: "685aeb78194875fd836182db958e9d62"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: HcWts6xCN1p2dQ7uzgiCuGkAyZ8eYG22jvR3wUSP7oWF77Gi-UtESQ==
x-cache-hits: 243

GET
H2 200 userx.20231128-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 37ms
35ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231128-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/secretmessage-gaflaquiz/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e9277d621c6180949f034a6e3d69ceeb85ed8740f595cc1f887586ea88e8c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: ryodtBp9IqngQ5Xw7U4fSt8tRFoXFHTK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:48 GMT
x-amz-request-id: TE89872XXJ6VFTFX
age: 8009
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5397
x-amz-id-2: gbnIdaV8eon/cbhWUCm9Ot8jNaB8QEiCqt6ejLr8Ty2N36FAtx3DsDHSdKZwIZtnuKAOf4e5wzA=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:23:02 GMT
server: AmazonS3
x-timer: S1701175008.169849,VS0,VE0
etag: "86cc5de6c0801c5f7f7e663824889595"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 551

GET
H2 200 distance-from-article.20231128-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 40ms
38ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231128-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/secretmessage-gaflaquiz/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19b9aac3825075e1042edff03edeffacb5997e6ae4d08ac3a5d3e840a599c8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: XKuhlzIufqCivODuSxUQBzrHQYA.CY4c
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:48 GMT
x-amz-request-id: NFYKWCQAB9YBXANE
age: 7960
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: PP7QRC73u12KwsNWymMK3W9V55eRILy6hmtZHqbCDIAuqjgkP4RFpLiCGnnfrufDX88dg8+bSNE=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:23:55 GMT
server: AmazonS3
x-timer: S1701175008.170092,VS0,VE0
etag: "f430618092ee35a65fe999777b68389a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2558

GET
H2 200 article-detection.20231128-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 38ms
36ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231128-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/secretmessage-gaflaquiz/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3afbda57c34b54d947c6bb3f937fc74100849573bc7e13816b02522ff1538107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: _iWGuR0nkE4GQuunccxBWbdU28PvtL6n
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:48 GMT
x-amz-request-id: QS0FF8WZYT5E5Z66
age: 7937
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1291
x-amz-id-2: KCSfbsTyexjPedpgo/1HcDuwHOGJSHMkOFkTuSVM/f0T6QHQhxaxyDOA0juHUaM1uzpgqNbdEQA=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:24:08 GMT
server: AmazonS3
x-timer: S1701175008.170074,VS0,VE0
etag: "7d7aae93a353a5ea1542cd739092df48"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2551

GET
H2 200 floating-unit.20231128-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 38ms
37ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20231128-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/secretmessage-gaflaquiz/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 736b371994824d8b49bff02d6c1c87c98766fa43db4be62c6ae84821097d333a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 2tcdDR9z3hWOzTWluMmDcuncLjbfy7dC
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:48 GMT
x-amz-request-id: N62SSJGM5S6H6EHW
age: 7870
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 2493
x-amz-id-2: D63pGCNVqgPWhgRpToJ2ti1hdFqK8rrClQ+81vyRIVXvaPMFC+b6wGlwvFMlfOCKm4buWd+JRLM=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:23:38 GMT
server: AmazonS3
x-timer: S1701175008.170072,VS0,VE0
etag: "80c6966c13b07800a31a451e178c0cd3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 257

GET
H2 204 abtests
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/3/ 0
230 B 99ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/3/abtests?route=AM:AM:V&tvi48=10143&tvi50=9864&lti=deflated&ri=939f1d7579db3fa2611b4f1ee60ef6aa&sd=v2_234532c2daf90f5c5bd288120ec3e8cb_2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f_1701175007_1701175007_CNawjgYQj8BWGP2zuq_BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABoi7KQoMnujt4ucAA&ui=2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f&pi=/&wi=-5344478599038156219&pt=text&vi=1701175007741&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1701175008149%7D&tim=13%3A36%3A48.149&id=3390&llvl=2&cv=20231128-7-RELEASE&
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/3/ 0
230 B 99ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/3/supply-feature?route=AM:AM:V&tvi48=10143&tvi50=9864&lti=deflated&ri=939f1d7579db3fa2611b4f1ee60ef6aa&sd=v2_234532c2daf90f5c5bd288120ec3e8cb_2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f_1701175007_1701175007_CNawjgYQj8BWGP2zuq_BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABoi7KQoMnujt4ucAA&ui=2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f&pi=/&wi=-5344478599038156219&pt=text&vi=1701175007741&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=13%3A36%3A48.159&id=8293&llvl=2&cv=20231128-7-RELEASE&
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
DATA 200
OK truncated
/ Frame DFF1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2d60002ba985d5f46e19650ff1c5d4f0299f63349a0b7073b8cfb46bf417613

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 c826222511b92d2ecf010de08f02ecb0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 36ms
35ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c826222511b92d2ecf010de08f02ecb0.jpeg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 291baf62c8f53332630e9d9ecef374d548be73af83c23bd9c11f1cd1fed717e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c826222511b92d2ecf010de08f02ecb0.jpeg
age: 2765277
edge-cache-tag: 311747526743222041849724564868600885064,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 311747526743222041849724564868600885064,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 411
req-referer: https://magazinecoins.com/
content-length: 17992
x-request-id: 8c31f23cb018a80e18dc4ab6331aa178
x-backend-name: LA_nlb201
x-served-by: cache-iad-kiad7000108-IAD, cache-iad-kiad7000118-IAD, cache-lax-kwhp1940026-LAX, cache-iad-kjyo7100042-IAD, cache-cph2320052-CPH
last-modified: Fri, 27 Oct 2023 07:01:28 GMT
server: nginx
surrogate-reporting: width=300,height=250,bytes=36789,owidth=1500,oheight=1000,obytes=716825
x-timer: S1701175008.183549,VS0,VE1
etag: "641b2ba7187e3dacbb9806d0056de40e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 31, 1

GET
H2 200 eat4kbpf7rt8luh1wrz5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700407355/ 7 KB
8 KB 171ms
170ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700407355/eat4kbpf7rt8luh1wrz5.jpg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 380e838cbc880652638a2b380c6a391237b21e77eed478eb2febc9f9a312e469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 84
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700407355/eat4kbpf7rt8luh1wrz5.jpg
age: 701717
edge-cache-tag: 419427257835524433733285771816476179892,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 419427257835524433733285771816476179892,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 87
req-referer: https://www.malayalivartha.com/
content-length: 6730
x-request-id: 59859353c188cff44590bf25bca1e99f
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000032-IAD, cache-iad-kjyo7100139-IAD, cache-chi-klot8100096-CHI, cache-iad-kiad7000135-IAD, cache-cph2320052-CPH
last-modified: Sun, 19 Nov 2023 15:22:46 GMT
server: nginx
surrogate-reporting: width=300,height=250,bytes=9793,owidth=800,oheight=450,obytes=19395
x-timer: S1701175008.184033,VS0,VE84
etag: "b708e2b8174923dc2a86104f5ca2f983"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 61, 0

GET
H2 200 903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 25 KB
26 KB 39ms
38ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 359bb2ce18858bd87a64bb12bd30bef0605b54123848444587a0c661a765bd67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
age: 3017986
edge-cache-tag: 392738696118879087880244372989716533787,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 392738696118879087880244372989716533787,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 83
req-referer: https://recnik.krstarica.com/
content-length: 26098
x-request-id: 8a652e514f1c63cfa4670c2042fa9611
x-backend-name: CH_nlb802
x-served-by: cache-iad-kjyo7100133-IAD, cache-iad-kiad7000130-IAD, cache-lga21942-LGA, cache-iad-kiad7000048-IAD, cache-cph2320052-CPH
last-modified: Mon, 23 Oct 2023 21:46:30 GMT
server: nginx
surrogate-reporting: width=300,height=250,bytes=38649,owidth=1694,oheight=998,obytes=290525
x-timer: S1701175008.184027,VS0,VE1
etag: "10b0c8ce2ef8b625a83d64a1e7a9787d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 9, 1

GET
H2 200 a9a1a1ae-4484-4ad4-9412-0d9716f01fa3__T9wc4DWF.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 7 KB
8 KB 37ms
36ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/a9a1a1ae-4484-4ad4-9412-0d9716f01fa3__T9wc4DWF.jpg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d3ee27de593f890a6cc9951bcf36d8bd85a68654777fefdcc1492aca2c4f865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/a9a1a1ae-4484-4ad4-9412-0d9716f01fa3__T9wc4DWF.jpg
age: 4154901
edge-cache-tag: 561529144447609032831242179347011328285,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 561529144447609032831242179347011328285,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 36
req-referer: https://www.restwow.com/
content-length: 7244
x-request-id: e9f052e207a2637a9185233079e87386
x-backend-name: CH_nlb804
x-served-by: cache-iad-kcgs7200022-IAD, cache-iad-kjyo7100157-IAD, cache-lga21931-LGA, cache-iad-kiad7000026-IAD, cache-cph2320052-CPH
last-modified: Wed, 11 Oct 2023 10:12:18 GMT
server: nginx
surrogate-reporting: width=300,height=250,bytes=13216,owidth=2579,oheight=1199,obytes=151793
x-timer: S1701175008.189877,VS0,VE1
etag: "cf40dce45c3e0008a234672c46e12143"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 21, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 39ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c42aee7b6ddf1715a763e71e50e4f6f79b5e99ab95a4020aacdb86903f9ffff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 1752257
edge-cache-tag: 628131638865840138074933382416259481994,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 78
expiration: expiry-date="Fri, 08 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://expertswatch.com/
content-length: 13812
x-backend-name: US_nlb103
x-served-by: cache-iad-kcgs7200078-IAD, cache-iad-kjyo7100095-IAD, cache-lga21950-LGA, cache-iad-kiad7000139-IAD, cache-cph2320052-CPH
last-modified: Tue, 07 Nov 2023 10:22:26 GMT
server: nginx
surrogate-reporting: width=300,height=250,bytes=22748,owidth=1344,oheight=896,obytes=1918731
x-timer: S1701175008.190168,VS0,VE1
etag: "8363cb76fc358862c7546174e59312cd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 189, 1

GET
H2 200 5428881ecac8b2f9209761097649c66c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 38ms
37ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5428881ecac8b2f9209761097649c66c.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 194f9b1ad5c6876de8ad8f118602b6f5e19f84079c795dcc04dbd9381791f588

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5428881ecac8b2f9209761097649c66c.png
age: 3529718
edge-cache-tag: 448019220551160307709216507620583913342,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 448019220551160307709216507620583913342,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 66
expiration: expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.espn.com/
content-length: 6826
x-backend-name: US_nlb101
x-served-by: cache-iad-kiad7000130-IAD, cache-iad-kiad7000055-IAD, cache-iad-kjyo7100102-IAD, cache-cph2320052-CPH
last-modified: Wed, 20 Sep 2023 15:06:34 GMT
server: nginx
surrogate-reporting: width=300,height=250,bytes=14872,owidth=1024,oheight=1024,obytes=852115
x-timer: S1701175008.190237,VS0,VE1
etag: "b339de31549843162d377ad0a69af1c6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 429, 1

GET
H2 200 ef476a14152aacbc5fa30094c369b2a9.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 134ms
134ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef476a14152aacbc5fa30094c369b2a9.jpeg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a65159fc8d84656cbe2780e94737d6c9fb7ec222eef688ba6d833465edf720ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef476a14152aacbc5fa30094c369b2a9.jpeg
age: 2743797
edge-cache-tag: 631179165280164087682219382401417270539,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631179165280164087682219382401417270539,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 95
req-referer: https://d-100375097117085330.ampproject.net/
content-length: 12988
x-request-id: 16ca13dbec240a2d625e92cbd7b19513
x-backend-name: CH_nlb803
x-served-by: cache-iad-kiad7000115-IAD, cache-iad-kcgs7200065-IAD, cache-lga21933-LGA, cache-iad-kjyo7100056-IAD, cache-cph2320052-CPH
last-modified: Fri, 27 Oct 2023 07:01:28 GMT
server: nginx
surrogate-reporting: width=440,height=294,bytes=22298,owidth=1500,oheight=1000,obytes=542877
x-timer: S1701175008.223419,VS0,VE93
etag: "0bea55e9d03eea93f69affbb3f9c7573"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 11, 0

GET
H2 200 59d9c2bd3601a20cfa69853d11a42a55.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 36ms
36ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59d9c2bd3601a20cfa69853d11a42a55.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7052f376d2b4dad4f61f95bf516f246d5a87d944bb13362c62627228f2cf7aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59d9c2bd3601a20cfa69853d11a42a55.png
age: 2954727
edge-cache-tag: 337264958184641207473213030331052466353,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
cache-tag: 337264958184641207473213030331052466353,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 203
req-referer: https://www.mirror.co.uk/sport/football/news/manutd-erik-tenhag-paul-scholes-31327049
content-length: 14188
x-request-id: d13b373c47ce01c6a71557014d45592e
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100089-IAD, cache-iad-kcgs7200095-IAD, cache-lax-kwhp1940040-LAX, cache-iad-kcgs7200023-IAD, cache-cph2320052-CPH
last-modified: Mon, 23 Oct 2023 15:18:11 GMT
server: nginx
surrogate-reporting: width=670,height=447,bytes=33053,owidth=800,oheight=447,obytes=179913
x-timer: S1701175008.225897,VS0,VE1
etag: "691e3312e93e55ac5dbfbdfc6d7e4ae3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 27, 1, 95, 1

GET
H2 200 167aae77-f249-4e87-aa2e-90ede9463481__cK6e8Zid.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 14 KB
15 KB 41ms
37ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/167aae77-f249-4e87-aa2e-90ede9463481__cK6e8Zid.jpg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8df0dd2eda15d87c893a5779875e5c4e99e525e65ce3775d809fcde28752d2be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/167aae77-f249-4e87-aa2e-90ede9463481__cK6e8Zid.jpg
age: 3007702
edge-cache-tag: 546416609743563829596666705367261645681,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
cache-tag: 546416609743563829596666705367261645681,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 47
req-referer: https://rezepteblog.net/
content-length: 14550
x-request-id: 6e3c2e4b81186c5c058071bed7612567
x-backend-name: US_nlb105
x-served-by: cache-iad-kcgs7200150-IAD, cache-iad-kiad7000064-IAD, cache-iad-kjyo7100052-IAD, cache-cph2320052-CPH
last-modified: Sun, 24 Sep 2023 19:18:12 GMT
server: nginx
surrogate-reporting: width=440,height=294,bytes=32150,owidth=2032,oheight=1200,obytes=184454
x-timer: S1701175008.231870,VS0,VE1
etag: "13fd3d564ebcc00e422fcbd6a42691e9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 86, 1

GET
H2 200 582395dd930922584332aa86fce811c7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 40ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/582395dd930922584332aa86fce811c7.jpg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 617b086625bae27b106bdf422407f79ad3f3f60dbea160f7da77148a64c419a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_294%2Cw_440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/582395dd930922584332aa86fce811c7.jpg
age: 3080463
edge-cache-tag: 621975150247667247051276980246532657431,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
cache-tag: 621975150247667247051276980246532657431,516597067088485307894398999575147827859,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 54
req-referer: https://www.aufeminin.com/tele-dvd/le-comportement-de-justine-l-amour-est-dans-le-pre-fait-reagir-valerie-damidot-elle-me-terrorise-s4073675.html
content-length: 10904
x-request-id: 6110b187e01033a6343f4985ab8b516c
x-backend-name: US_nlb101
x-served-by: cache-iad-kjyo7100140-IAD, cache-iad-kiad7000174-IAD, cache-iad-kiad7000136-IAD, cache-cph2320052-CPH
last-modified: Sat, 14 Oct 2023 19:41:27 GMT
server: nginx
surrogate-reporting: width=440,height=294,bytes=23201,owidth=1222,oheight=640,obytes=54790
x-timer: S1701175008.232190,VS0,VE1
etag: "b05304f5b16de8d2fd1e40ab7493b166"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 98, 1

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
90 B 35ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.171&type=usage&msg=New_CTA-event-1701175008171&llvl=2&id=152&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=1&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~4896216453702052277~~yAjXuzUomIOz0%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26867

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 28ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.171&type=usage&msg=New_CTA-event-1701175008171&llvl=2&id=2241&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=2&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~4896216453702052277~~yAjXuzUomIOz0%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26867

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 28ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.186&type=usage&msg=New_CTA-event-1701175008186&llvl=2&id=1476&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=3&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-5602559405384189683~~yAjXuzUomIOz%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26867

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 28ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.186&type=usage&msg=New_CTA-event-1701175008186&llvl=2&id=3971&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=4&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-5602559405384189683~~yAjXuzUomIOz%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26867

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 28ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.187&type=usage&msg=New_CTA-event-1701175008187&llvl=2&id=3391&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=5&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~4896216453702052277~~yAjXuzUomIOz0%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26867

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 29ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.187&type=usage&msg=New_CTA-event-1701175008187&llvl=2&id=7626&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=6&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~5617456971129316633~~mJa8zgOlDNQw2%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26867

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 43ms
42ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.194&type=usage&msg=New_CTA-event-1701175008194&llvl=2&id=5795&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=7&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~-5602559405384189683~~yAjXuzUomIOz%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26844

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 43ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.194&type=usage&msg=New_CTA-event-1701175008194&llvl=2&id=5949&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=8&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~515445892987873103~~_XNzyXgU4_t6Jz%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 26844

GET
H2 206 https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1700407355%2Feat4kbpf7rt8luh1wrz5.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 373 KB
374 KB 43ms
35ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1700407355%2Feat4kbpf7rt8luh1wrz5.mp4

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.44 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fd593ea07b6941773988adeb86bad47a8b9b0c6e17913e44d0aa1fd6d7004683

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gaflaquiz.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=604800
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 12:36:48 GMT
age: 706109
x-cache: HIT, HIT
Content-Range: bytes 0-381615/381616
server-timing: cld-akam;mitm=f;dur=2886;cpu=220;start=2023-11-20T08:28:16.176Z;desc=miss,rtt;dur=0,content-info;desc="width=800,height=450,abps=25441,fps=30.0,du=15.0,vc=\"h264\",bytes=381616,owidth=800,oheight=450,oabps=36686,ofps=30.0,odu=15.0,ovc=\"h264\",obytes=550295,oformat=\"mp4\"",cloudinary;dur=2658;start=2023-11-20T08:28:16.394Z,cld-id;desc=9b588bd383e3d105d1c6a3d500a743d4
Content-Length: 381616
x-request-id: 9b588bd383e3d105d1c6a3d500a743d4
x-backend-name: fastlyshield--shield_cache_iad_kiad7000071_IAD
x-served-by: cache-iad-kiad7000071-IAD, cache-cph2320052-CPH
last-modified: Mon, 20 Nov 2023 08:28:20 GMT
server: Cloudinary
x-timer: S1701175008.264842,VS0,VE1
etag: "de63ab160a63cbf04e9ec538adc3eadb"
vary: /video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1700407355%2Feat4kbpf7rt8luh1wrz5.mp4
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3879, 0

GET
H2 204 supply-feature
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/3/ 0
230 B 37ms
35ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/3/supply-feature?route=AM:AM:V&tvi48=10143&tvi50=9864&lti=deflated&ri=939f1d7579db3fa2611b4f1ee60ef6aa&sd=v2_234532c2daf90f5c5bd288120ec3e8cb_2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f_1701175007_1701175007_CNawjgYQj8BWGP2zuq_BMSABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABoi7KQoMnujt4ucAA&ui=2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f&pi=/&wi=-5344478599038156219&pt=text&vi=1701175007741&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22387.203125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A36%3A48.205&id=1109&llvl=2&cv=20231128-7-RELEASE&
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 next-up-widget.20231128-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 35ms
35ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20231128-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/secretmessage-gaflaquiz/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bac43d16f70997c4c10534c904bd30c5c0a95d7b6fe7069f9fe491c91526851

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: qjHO.aTMI8GjG_DI3mAUmAYg4i1bwAmN
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:48 GMT
x-amz-request-id: N62WV4B2Z2B2TH3V
age: 7870
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4623
x-amz-id-2: 9Iu1sXRWDX/UHBrM939xYlJTOwwz9E2xogeR0uOR4NEwT6MOi1M+ChCsVnASJ84KCcDKBv2GHX8=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:23:33 GMT
server: AmazonS3
x-timer: S1701175008.214192,VS0,VE0
etag: "5da40426847fb2e35ac63083e37ae623"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 244

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame E19B 9 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 07:40:29 GMT
etag: 16674218716276178799
expires: Tue, 12 Dec 2023 07:40:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 43DB 9 KB
4 KB 23ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 07:40:29 GMT
etag: 16674218716276178799
expires: Tue, 12 Dec 2023 07:40:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 1B52 9 KB
4 KB 24ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 07:40:29 GMT
etag: 16674218716276178799
expires: Tue, 12 Dec 2023 07:40:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame DBBD 9 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 07:40:29 GMT
etag: 16674218716276178799
expires: Tue, 12 Dec 2023 07:40:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFF1 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYJKL395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAaoE8QFP0BY9TbgLDdg0graMYN4m3mBosKcFKYTFGA-HIVQrZK9uJbGLo0iPWyNKTiyPznFHiibCwpYLU2c5WQpL4c68569qHbntEEnkKxOpj5JiL_qI9wzVtxutQK5P-Koh4TULnU2y0jRW-wcdl72Fqx-9OFINRu1nmR7aWuQIwVivO0ofu4hFdhCejnW3k1q-7KEj17-FHW6x_VL4KIPgTo5lg-yTXIptV7v0cEfBlTsaUUHbOUoOoEFMGS5flX5ORURwRfJcu-bx5Ppea4wVSJZfnCU9svRBZnbv1G0bwuuTDtalEiYFLIsRnEDdhzql_pbpwATt8d_rswTgBAOIBfjM5LNMkgUGCAMQARgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeKg998qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQveskGNaCqfwB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMECoOCgzktLEC7rWxArW4sQKwE7_c0hXIE8bNguED0BMA2BMNiBQP2BQB0BUBgBcBshccChoIABIUcHViLTI0NjI3NTE2NTI5OTgyMTAYAA&sigh=ZZJ8zN4Liuk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNDuaLwpJwTXdSky7GB9Rm2iHqyb7sSZT-vWYTMgcpxgHLLlG0KCjQj-S5C6X1mnp1QSeoEYq3SQSIbByE37R844SEOvKr39PCXw0YAQ&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame E19B 4 KB
744 B 30ms
28ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:18:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E19B 205 B
652 B 71ms
20ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 392992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Nov 2024 23:26:56 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E19B 604 B
696 B 72ms
21ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 20:49:16 GMT
x-content-type-options: nosniff
age: 488852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Nov 2024 20:49:16 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame E19B 15 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 07:40:29 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame E19B 21 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD09 624 B
245 B 62ms
61ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVpuoTpvI0n2h4IPIXGzc_bDxhlYmdfpRGjUuaC83nN1FlwTQOYRXCPTyLHhKkCxSDjvQogvKEloTFnygH8TNO6VMw2AiZ8McD6U1wDR9H-2seg-YKdw8KRZDGQqrBDjP-3bIJUJ8vEUB5u4fDpGVHk6kuXYBnxsDUcj9cUAZ904-81tWc

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:48 GMT
expires: Tue, 28 Nov 2023 12:36:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B222 89 KB
31 KB 139ms
138ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B222 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B222 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B222 202 KB
64 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B222 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DK-3MKLXJwGuoJM2gDOUqggVLg2qt9ka7rQCO-dnakz80v2nJyI0X4cEJ1EKfEkdWhvgtb7ZiLfPfXe-PJRAy8hdLBrQcXSYMSwfPzXBn9Gggbex8

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B222 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5481335514928095589&x=1&ct=76

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E2F 624 B
245 B 67ms
66ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNX2ABD-kQtjr0LkTAFY1BxCT87fjEjoU4aU8yiAMp8a_OzBwLFTRSb8QfQQdOmXWzaXFDKfaiKX2IsgZheiYjr-X1DEEBJOsGBneio2Gt_a22hqvWB_shpNm4nI_CX7Bbg1eBnoc71JfDw4xlJkgJox0NWSTncDrrKMnSQiM_p7TRNxN1g

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:48 GMT
expires: Tue, 28 Nov 2023 12:36:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EC18 89 KB
31 KB 180ms
180ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31498
x-xss-protection: 0
server: cafe
etag: 4296746511219988724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EC18 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame EC18 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC18 202 KB
64 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC18 42 B
63 B 59ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbhFxXvBQDdD_RMna01s3KHEFKKBBxYJb5Wi2msLDOI_HFyyBIFLOreIO8ZVtZBxmXuQiWTyq46HOCOA2Q6f4uw4LOzypxWh40w7_ewUNH8bLHvCk

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC18 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8484764451639637412&x=1&ct=76

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6B87 624 B
245 B 63ms
62ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNWWqbB_FPRI5kWSbuk4noPIahAfCC5DRSVhk89WYU7ppm5hjHCVffUOnrxxGHB_BjrboPixK2m_GCH3dw7-b_movoxzTwP1pZOyH1hdaVx7s5GD9_c9BOPw_y3yvJ6vFQuzY_SUlp7tYOuFa8mCq7xqocaCEmQTf_VsC3BSWV0tdosc60g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:48 GMT
expires: Tue, 28 Nov 2023 12:36:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DBBD 89 KB
31 KB 173ms
173ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBBD 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cs-iuz2dJrr94I956nyPINDMSmJ9-uNhRFgtnitdebl7jTay93A_O9BXEEeyTqBzd-Fl_HGrgmkIrM84J4h_IajqcbXqSxTG1hyxs_8wYqk8TOVpI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBBD 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15279612539341614407&x=1&ct=76

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1474271/76103297/xbbe/creative/ Frame DBBD 263 KB
80 KB 50ms
49ms Script
application/javascript 52.210.22.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJr780us6GiQHn7XoP8883QrvA3a0XEMPrISgXsOk1VkA5cyRKJFvR1pa3_FP-6m0-uuQUH1MA6d7CX2LklkgEFctRytje9PNqv0S-RQAoCZ_4IS4swLXd3Ux4SkRcqkBtST-Xjy1F8J7bUApgq5ks4ONKwv8pLMPR2VaCqqjxXFZbatN2RVsAxC8Y9GsILnh88c94ti1eIxAlSavyhiXJekuNgGTDwBlPMAZbOwAKFALORptuy0jKXcA0t-dlgRMo1LUPRGJs70n3uxIDDH0JiFcTiQPUslnyKaOPDsZSwxv-cE5Uw6nxqM8uU7AtJZyMAqyC2C6PtkH762eTr5CN9SbTuREXkWxl6W04VugfJeZ_Kh2bbels9KkDVgiEmw8Kz7CqWGcnoC-v-3WAkuqNMn7nQTKNj2jjXTavlLn6bEfNwnEXStxRIqHkUN9461Xab0smOwqpnNRT7ErwAlNRhjjNoF5jx3y320HyScFumiXX7wrhdaAfznsl2mA8DmzNlfkKwDpQ1L_d7A3q8N3o9jHbBxEvobQQK1k7qQVX3GCQY2Z0W0uRep5vITqeQW3X4g79pmZYZ1K5UhY8QgsKVDyFBUoyLTG_xrK4exwrL78Z2wNzyOw2upBjgFm8U-toq8D-uX3468hv9qNM98I14xaNVLIEkS5Z_8z98NW3xLYQo5B_ARAojnUnBoXQl_YtZCr2tCGD70owug49UH9pg_e4YsxyJuajPm_39WMb2H7tlVZ9y6-wmqrNqhcE19GRWC8RtBhCLy03UUzy1yOLV3NOf8K-I40Z_1VaAGQ70PuUVoefKIWQgtOlYMlkoAb3DTBJWd8lidXKrhLLABMGzqrNLKks2niNrR_wuh_0FbjGoNT3n_rwFt_15lx_gC_4TvdvDpru9iVUf11_9M4xPbIKbEqxb5PrMdmdQS9e8FEYHVobNLFOIfXzcoCu8K_gTJiXUeMK_jbiSZGQs8MyNeQeePFguBPryPVUXebZSmZZcF7JSzvkWdpHOiJ6b5IqDwpdBU9NtKaXZWtHjK7Os4rU3oa9UGIDFUGCj1IbpxT_e9uSXlgXF4Fr_FT56GSdmho10byjZiPgIZAPyL97OflF0fp5edvG0mkoArVSsyyPo8tGlTpwiFWM7zSEkboVTbvTz9d5tIwMlPQ3jjg8IfMzKqXOEeumlKQNezmjawD4FLptZidvRA34DOAfIZLrkcb8IskCG1MnxXcjKFdZ1P2PaYIf4FiPuB1hc1z2v8GA_WvaYwyJmyNJ7wOXab2T4Nk1QsBSgsiy1erbrb-0YvFl8wv4Ba9uZmB1-PCWB9kr-2nNqEU8BiLkjr9pHGerVdFfV3_T-yMIgNk8Vwx6sEj_yEVHsxA210Q8uksB2Gr1PPot4NLB2UqcWDVScU08-6nL5hnjlki8xoN5Q_kQzfI0w9HYSmmg9Iwk4w4-5UFtVQGTqwOPbzwMs4QZ7i3gfydRqRRLwd51tyLRc0nkATiDQFZHOJDN3xIRkIGFs5u3zJtCGjTTJyZ1fAKpn59j34tptj5DOdPmFZfRFKeqY7QDRm7AS9dsoe6do0c2Odr34ZeK1JgAxgTPagVfixq0F0iJZJLvlK_FgfjkYozu4jILjGo1v7CaGoTdPOgDyIJFWY7HW5Mn80gqeM8aJNSuuwUh5RyeaQ_f_J6EM1z9WV6U_gjvZw6tm4HKKgmW3s-OiLHUTg5p0LD_AcgOuL6itqPwzCJjwdVDhCKf6WDZ9MxVNeYQJh1mjO3h8K021qHJRD3rc0_dTcG8hvPjjjCFhtmv5c-ojVKGmlB2Fyv7tE-pEb6aKqIcOw2ppV67VW4wHPl4CBvG9xBluXUzBw2iVmkNX5mf1D6hs1v6LF2HdaVEzhfQuTgYeg6DwAD5R_uxcyYpYZfkHbbKaRdbtwKX5ZS0vy_x8CFD7iclaHLwTtgHp2vSvaJkBiFEpkej5E0VlJlg7u_8x48UVMeV0JY6-0PfFg_dNTzQhHkbDn7viKL2IdY7nW-5DOkRpPvf-Ka0lKMVnNzS_9-3x8bnAFLcEiTHUjWZC30AvXEzojbZwi1djCdG0FUUeUyWqMf5Dt-ffIcpbUR5SFXy_EKTfRtJvAqYrXK_5-anAHf6rMGksNrYNL5WJfav7ZBPW-8RmC-driP6HdnP834fTydmC89C4ZR5VEl5tvW2L-X7FtLMGASiVJsTnAMwJNOMHRmz33x7Ex7CGvlq8kfxRXwcEio_sUU4adyPsMs-3uuZjGQNSMPeDSDoX5nJ6U92NiEV5W-S8yua62ddlo4QAS2mGcqo0tJYeOQq2TJ3jYU7Drp4D6DKP5CTX9KM8T0UfpvCCbKfxKVZa4shkS_HRT3sZC1jSM_sbLLXhN95QZhoH7HvHv9gLsz5GVQHd6R4NLOqIBKcicT206AgzDqnnNv_wVjd9yjmzPmC05aNa9aqYPPCOrtjwFlkomqqsegs-zdLxBjCssP9rN3RLQshjuZ9DvQzZdjQf6HJmftGz7sRNXOeAyaUm1JP-iqZBr3aIOu6rwETW1Ck5dwcE8HXr3sgzX6W50kZN_pf0zTYOUBxtN-5QZyTlGVyj8O_fIVyMa-AF19tOaMqX3LSxj0U0QZ8LHW1tc9TBydowsjq04_tc3XGG72HYRAjl-ps5lYvu9alDcaxxvpgiaTWuTCF99QbXuO-Fsdp01sl_pbXMUUZV2UAAjIPKFSsoO-LVLzW0K9Z841Zolh538oNxFsdLXH1HUmHuJpcHlGsp1OrbA9zMAGU4TgyS3gV3qo6e0T6vkLhsMmZYq-YY-Y8wEcExDHtbyomYOzw9hXfvirrOBQZfPZrjWKdojEbK2yCaDocb0H36uxwaw7PJz4yeBidSSkC2GNQIJkUtg4CoYMiiMDH458Ryn9jO9UuWhic0jbSdgAg83Wnf4MKIdE0TL5h3O_m65PYYfTysxatFKrzjrgQL5mjxKYKnU1SyrYDDfp8E2pTfPHXoh_oDPR0iqx3aNvBAtlGKp9GH5-iWj_abwFE8kNcjoUs6sgAjE-K5Ooz2w_mzsiUWVyDJTH4QqaevyhaXQW9b6Xq_XRauBAaV3qdBOvUiVKqIp5Nujb3ZWifFCuR8i9JIjiOyYM30rthQlSXxm5KimTPQqF9WsJLoYhrTWBCqyQpS992BOLoQCtMkkQEEmcgIn64yl_nL5qhd_MTHeoHcm3y-nELAh6HWm2yLJl664MzxoAAFTrAsLVMki6UVHLw0WNSAvMHemHvg0epuFYNcQl_2aiH6W3ALLXqeFnAll4PcZCHjOpPy6WZPKrVjWh89Gnfe1HnviIgjN-mxtXT1ifoghK0ZKqSMOxRccaJol3eCRQXxOPdxfvnd5eLdS8kDh9lRh-e_RUV7OhCdnmO53U7VcguOLJSQkpRqhtF7PFuHUz3v7LScLI9OB8fmMbHMS9sUSTT1ryzu3OjYchye-J7ekD5BN-vFGSuDfd0-gkT3jQJBl2HMhtbGmLkZDtZhaGnrex0RWBLiYtgmoy6bk3utl0Kgq8lRPQtfBxiufbZBaFLk7RzHqH1nbTmaMytxixEu1s623RHlg21J_XBlZYIaTtS89CKJJEAK0lMPao8x5fn5k5isRmAeWxuDQqbJpLz2YrtwVJqLo7zXP8ohX3yB3BDfXKyZ1Hqk2POuvIz9OXmxpVCAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20118583893&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j4hKyIZQMFukRnnKf2yOPo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.22.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-22-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f95a1fda63dbf42a7e121cf09dc9efeffbd2a31958bcb3cbad4bc7562732ac48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DBBD 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DBBD 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBBD 202 KB
64 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 22:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52301
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 26 Nov 2024 22:05:07 GMT

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 30ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.295&type=usage&msg=New_CTA-event-1701175008295&llvl=2&id=3859&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=9&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~4896216453702052277~~yAjXuzUomIOz0%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28970

GET
H2 204 debug
am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/ 0
89 B 30ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/secretmessage-gaflaquiz/log/2/debug?tim=13%3A36%3A48.295&type=usage&msg=New_CTA-event-1701175008295&llvl=2&id=5&cv=20231128-7-RELEASE&lt=deflated&uuid=fb67521fe7709d787c9007b589af1797b4328ce1845e717371804328393f5539&dcc=10&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-next_up%22%2C%22itemId%22%3A%22~~V1~~4896216453702052277~~yAjXuzUomIOz0%22%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28970

GET
H2 200 c826222511b92d2ecf010de08f02ecb0.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 48ms
46ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c826222511b92d2ecf010de08f02ecb0.jpeg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 43b383f74300298db317837e66d37f05ab2ec84f8236704901eb56c94634a939

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c826222511b92d2ecf010de08f02ecb0.jpeg
age: 1087919
edge-cache-tag: 311747526743222041849724564868600885064,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 311747526743222041849724564868600885064,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 240
expiration: expiry-date="Mon, 27 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://de.ccm.net/
content-length: 8074
x-backend-name: US_nlb105
x-served-by: cache-iad-kcgs7200088-IAD, cache-iad-kcgs7200142-IAD, cache-ewr18148-EWR, cache-iad-kjyo7100139-IAD, cache-cph2320052-CPH
last-modified: Fri, 27 Oct 2023 17:53:12 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=15989,owidth=1500,oheight=1000,obytes=716825
x-timer: S1701175008.308199,VS0,VE1
etag: "048a3d5d40200a091b8cb51cc67c3c3a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 0, 1

GET
H2 200 eat4kbpf7rt8luh1wrz5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700407355/ 4 KB
5 KB 124ms
123ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700407355/eat4kbpf7rt8luh1wrz5.jpg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2fcb5f0b3cc34d0486826ac2a84993cd394da356f6ea208c7e54f9d27a3e5a4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700407355/eat4kbpf7rt8luh1wrz5.jpg
age: 631710
edge-cache-tag: 419427257835524433733285771816476179892,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 419427257835524433733285771816476179892,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 243
req-referer: https://whatsnew2day.com/
content-length: 3968
x-request-id: d157c52885f1d5fb913f368a6711733b
x-backend-name: US_nlb103
x-served-by: cache-iad-kiad7000095-IAD, cache-iad-kcgs7200178-IAD, cache-lga21967-LGA, cache-iad-kcgs7200160-IAD, cache-cph2320052-CPH
last-modified: Sun, 19 Nov 2023 15:22:46 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=5472,owidth=800,oheight=450,obytes=19395
x-timer: S1701175008.308531,VS0,VE89
etag: "9c68bffec65919f1debf5127aefda3ff"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 51, 0

GET
H2 200 903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 10 KB
11 KB 49ms
48ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 680ea157971c77dd6f21d89407c5d3b10458b26c6e4219075e12e71a99b37548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
age: 5889789
edge-cache-tag: 392738696118879087880244372989716533787,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 392738696118879087880244372989716533787,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 78
expiration: expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.discuss.com.hk/
content-length: 10622
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200082-IAD, cache-iad-kcgs7200082-IAD, cache-lga21954-LGA, cache-iad-kiad7000127-IAD, cache-cph2320052-CPH
last-modified: Mon, 21 Aug 2023 09:44:47 GMT
server: nginx
surrogate-reporting: width=160,height=160,owidth=1694,oheight=998,obytes=290525
x-timer: S1701175008.308532,VS0,VE1
etag: "198282bef633946a1d17d53c244033fb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 16, 1

POST
H2 204 csi
csi.gstatic.com/ Frame DFF1 0
54 B 51ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpibod58&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 76105514 Show response
unified.adsafeprotected.com/v2/1135760/ Frame DFF1 23 KB
6 KB 265ms
97ms XHR
text/xml 34.242.245.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1135760/76105514?mon=76105515&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xsid=[TIMESTAMP]&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20509697656&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&xsId=ABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B30857687.379597277%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%3BEXCHANGEID%3D1%3BSELLERID%3D916475631320%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.gaflaquiz.xyz/%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNzAxMTc1MDA4MjQ5CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdWd6aHdrVFRMb2hJQV8yUUNQUWNPLTk0SVdGazZXc0lmYlJjSUVEZ0Q4UlhPOXhPOTJtWWVnQjVGSUNpTUNnZmxEaXQ1WmRBd2VQVVh4ZXppaU5oY0lqemgzNXFYTEppdTQ2Qm9jcy1lNVJ5SkY5cVNVZU4wNGw4dUZ0OTJzdEgtR2tSbFhta3lqU0dRSjktQy1MdTFDLWs0NHJIaVZMaDBXWnVRR0IySmdycmUzMWgwRGxwZ2dwcW8xNFlGVlRxWGJEdExJMzhkTVphNl80T3ExMDlmdF9VWlFvMW40eVgzNFpQRl8wa3FXUTEzQ2RGTHVKaG15RlhaNnlJa1Z6ZGVDZ1JybzRjZWV5bHRhVWFkd2NJWDhESUxjbS1BY0VZWWxpTzZFLXFqd0E4TnVYdW1XTWVscXhuUkhvWUY3d20yTG4wUUcwOFNjQmVHbERCR1NDM3oxTmVGZWdDQ0xNMXBPM2NKeGRfTEk1QjhlbkNSeEFvYkdxU3l0dDJLR1VBVDlpVjJxOWVBVUtxdlo0dWN4Vkl3emlPNUZVWUxyWWFDbi1DQW1VbUd0LW1WWENTZkhTRkxEajUwclpCa3gwOHdNLVRQdktZTG9KX1hwbzNYU040dHNad0EyRFJNcEx4R1pqUzZBeUtiUlVYU2xVRUg4Y2Z4Vmx1dmVYcU92U2YxbE5tR1dIVDhDb3B3YVZqVkR5ajRaZ1pzdFE2WTFFWG9CcEZaZ0gzVVZWbGRLWVNwSUdtbHlLdEl5aHBjUDJaSDdxREFEYUtHbm9rMTlzejlGaVFHeHRRYjNWOE5yYTVuNmJTQml1M1Y5R3otcWhmZXJmWUZWVHM3WVFGRjROdXJDTUg3WWF0OWJCTGdFSDdXMUNkMk5NMGhVcnhWS1A5MDBOYTlvdHdtczVTMUZfbjQzcTJpejh0VTVsNFJ5cThURFd3V1c5bTI3QUpRTXN3VXVTVXhtTzZiay1rM1NkSW9XZ0paUEZlTnpVM2pfS3pnWklhZVpGbFlhY0N3VmlsTV9rNWFuUHRvOW9JRkJXVlNxVjVYamhXZVlGbVAtZmNhR0J2cENKSjRfV05ETzBWWFcwdTZBaW1hV2VJWmxmUDhyS2hQRHJSVld2RF9rTjg1TVpWT2FaZVhPZGNfbzFfby1CR3JweEYtTENBY1dqbjJTMXNGT0JvQTEwc2RFVjBrQ3gya3VCZEZWMTBuUjY0bTRDNXo4TUE2a2lUX1QzdFdLQ1pfNDVPVXNaMmtMN2IycXdfR3ptRi1DZnVoaER1TXFXaGtTdEc0SFhrM1R6bVZBY3dibTdCXzRRQzhTcnZzOEkycE1WQ3R5OS1NUHJCR1EzZFRxM19hSlRvc3V0ZmxqUWNybGZxTUl0VzlMd19Vai1lcHBwekVleWJMWlNUVWxwRTN0alZJY1hyVkRwTGUwLUNyZktyQnI2MXZyMXBTajlWN0p6aHhZbW9FSUFJYVFSUG14eVRGMW5BWHpzWEg2MElldjNobzM0TjlvTXFZZ3ppa0tNUlZ4TFJ0aFZpQXI3bWRnQ1hLcHMzM21LWEtpWnlfc2Q5ajdGLTRRQ2lGaTFWYlNkbkNmSlFjdThYYUxBWkZHa2NmdjRFMDFZMWlORUFrd1Q2My1GbUJXZGpGY1A4SjY4UHJTcmJHZUR1aGFZZGFUSTd0MkV5UDN0REJZR1ZTclFoU0dZNUxHc2lwLThqQjNYcGlkVzZUWkJaQjE4Tm56MEhHcUpvN3piV0JYQXFDTjZSbnZkVnQ5Nmp2Y0xxSnQzek1nZW5fUThRamdPb05OX0FQa2lRS3dLVEkmc2FpPUFNZmwtWVNFS0VsUFBGLVhobzRMVXpOTGU5eGNPc09kUDNLX1NkeTZsbWF6Nnk4T0hpb3hITTdtaGZBc2UwQVFkajRmc2lIYWxBWTlRY3RZVHFzdzdDX0s5Q25FTi1la3c4YUx5MTk1Q0xSWC1JU1dDQ210a0Etemo5V2xhbzFhRnlXb1lJbHhFN3FqTGxkZEVHWkJ5S2hSWVJMT2xVeHBZM0ltSEloOE5lLUpFbmxseUptM1B4V2RtbVFhbjJoNzVYbTVzR09FRXc1U29rRGhtejhVTEJ5SDZJY1RNMlgxUVhRb252SXVDTjl1RlYxQVYtMWVZZ0UwNFRYSDA2VXVhWmhQVWxZVURHNFBMWGswZHVrWUpfb0xTZHN5NHZHT2VjTGhEUHNUSWcyV3ZSb0N0VkJmZTl2T1FhMnd4VGF3OFJuT2VjRjg5b3hOWHVwZlN5cTImc2lnPUNnMEFyS0pTekdDOUxKRlVrYkJhRUFFJmNyeT0xJmZic19hZWlkPSU1Qmd3X2Zic2FlaWQlNUQmdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuY2lzY28uY29tL2MvZGVfZGUvcHJvZHVjdHMvc2VjdXJpdHkvZmlyZXdhbGxzL2dldC1zdGFydGVkLmh0bWwlM0ZDQ0lEJTNEY2MwMDMwNTMlMjZPSUQlM0R0cmxzYzAyNzA1NCUyNkRUSUQlM0RwZGlwcmcwMDAwMDElMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%26dc_cid%3D203224912%26dc_adid%3D570667618
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.245.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-245-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 459fd29bd44e6c75dbbce57e7b0efe135a57e198d265ec6a5930c912e214c29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:48 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Id: clitto0pd6pm5vf8jub0
Content-Length: 5873

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FE2C 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT-JxRXXa7i0Bfz2u8y06Fe3H9EDgIKYcUSIY0h-OMiTf4BVEaU6Z_sFzgXynMvlwiOr4ozrRoTZHWEZM7FXInnolMNeDxvsOtSfqL2ggSEEygsTmfggKIBbZ2yWtb0kHuf9hqz0BqKpuhVdI6igtjQ22zzoPTEA8b2MICpRuByLyOLYg&cry=1&dbm_d=AKAmf-AH2UciWHCfucUv48EOIiccqWO4glXy-tJrRMLC5gD5_mTABsTX0pX7AiZv2EXiB3kJFP0njppNXbIfMYY3fYAGJsgrW4JV8g2-USh_tyugJ9YvF8zVrwAlH4H7hhRgckNi8WsjrBQ9PaAcLYYiLYzy0S1ik-MVAmeyYad_JY6-97tckioNw8FVfqh09x1yJNPfdxwPAHZUd3FWHfooO04tHMwQSeHIgtA2AVO8BOL191_QsymHZIAdi_tQ0scdeOcEEEb7RMiYV6QjIDMQsoZ8YR6ANOZb7m2vhh2RXQ9iikhUY6_OWDaylk6mXjfo23JpWer6TMV2-outhHxhYGkz6k3BSKOK9AQFz8OWiOy-gD0t3Y617tYE6PRbYp2WZNAUPugebPRuGVN7YXWykvF_Z4LAHDycF6f9w0eh00aWLi_yjZGYOfz3Oo7kglgB3Ghb4szDhdd2et23YIaVMgzj1ncMoseBeZ9m9Qqcfq0QNcxyPlHNblpMRXkd8Zp5sr35Hpr-zuL7N7novlm6UpJ-CNewBamotoYdNzCJUMNJ2S2PHC-1gfEhyASXepnRxvBrrvrZmmyKCdV3URGlAjf3EX_3VJFom7Uqk1498YxRGTuxuyTlCRcs8-YjNr9GmU4D3LDLTjXkWoOtLEiRatCNW4m8OJqTxtXs7nvldAWzjzIMwPpth3C57tmzX48Bq-ki_GUZHcgVnz1JiJRNifnKm_OpKOqfO5oZbspPw-xnGgrzzh0HlzvFwFiwvT8THGw_Rwf_FKdLCffQEx4tW_JFG5V_lIJobrBoD6kkCLXkik2ZJzndomjy5GD0q99IR4Me-1VMu7RS7mYP51g2mrR6nkUNXIWQg1_vQWJ09iUVgm0GWCo-MLIQNkMr_LOTwTVtEsHJ3gW-HMT9iR6sf9Wyckf0F61V1l_KdAqa8_FdJzfDHPoWRrFZmesuy1McHV2lcJHBw6Fis4mYsYZyAFjpQNkE4s4x-Nz4ZqIQaCpLndxjyw06IltsIbNSGlg9nPJcT2mcWBLGgPLBjd1NYV0484bfN-NrxZ7QHPVTA0tNxTacWzJpXGOSHXH4tail_TlWblXjGM1bP4xoUEfuALvCiLrmhcw8nlUiO8W2poRWtUZwza6VXueTKHKG_hNUV_HJf77LsZ38iVwwOBzx0yBajy0IpxyZ4ouu1SRXOCPmXpYGg1BhLrVgFf0FvLJBewEv3sCB_7AcF_R5-qZLsiYFfVQErSWdF4uz5_uJgIYaJtSRIBqU2KdkZaVC9jdkpwd9ponRJZ-yJNaprBaxIb63SLGOfofsc110J1-On4panpBTsiofhA7RRohJkcxbM2EbD4UdqnmQAMIPVgfyL910v1AgEX3baK8ayMVwwhyIX0B6FM0yiipY9BMNEjmC-OCAyxpKWWLZACCSCio1ivVKD_7FFRniO7dszsjgnAglFme962NbdpOgW3YsMTpeksL_un7aHIyHhr8w_64B8Vkqmc5i8v12GdgVp5Tzqv0nhIGRksqfcKORy0MthFYwfpJWE96aL1TN_2ynweMJpua5QN3YaEifZ_aNLnZGDZ7sLipJETZzisoXdGiHuZkxy0EK67sCdBC9gbTPvEBl-JwazeHPp0oiiMS0je6tUyhDCVp05EDsMpEcQdJhznH8bFaylE6pK-mDZZwGcchvUkNzOwfElrpnqvxpFiYR1NlEZyb8m3L-7d1R7ICvoKlfKEqkNAF4ipNkG7Yf2c35CXmAIhkexaRhfxGTFl0YKLuHyKYqWc965gCL92lcmQcdF4yzHbtLI24zcKrRFLFC_aeOFdlr4fd7gBh8xkIh1syjdIWLXYe9Ge4MG8_tLV6WhNiFeRajFZp9p76PKJW6Ij14IhAvhziZT8U9tJHBUDVrAN70Mq3RpIufi2AIe8l9JWueVHUtbn-UWsVlexkk3AI-T_xWIDQzcQnQ_meE08WvQSAQMAqK4Gkpk2WdhZEJ1r2SJoW3BELQ2nxjOO6W1T4Prog2RKRJpGBL6WHfB2rmPVxP5RzEF3xAuXdJmYceguh1F7GoOYmkGBi14rnWPyjlNXGyfZNH1lypYwTVbpPDj-4V6IU9bo4tw6aGLhKLQhTdb0ZgslJ5wa3J-F3SgVYgQGV-Z_eJo98ooJofkq3uhUTVG58d3oSB2YZR9SocrSGj3AN_-yaLxKxcrCHTeARs3F1CC2xPG58pGkdfcYRGgkqyflds3V_WKRjSjhvA2cmnnXiZF39OZUUraC70L9OizxtzgOyLFjJTX4ZvHSMUpb3d40eOiHkY7zT1KajaDPUJfBKQ7f_Wb5lHVaSPdbrbOX6u8INQfAs6PTo5rnMTOt7UXBV3lFCJIye3t_8J2iG0uvs8UDleg12ap6_mv1jTtcqUeDNfOg6EfCmk32SNwDkE8yo8XAew_nNttaz9fhF1vRIuQHWFtCq3MPG5L4ybdxhlW-KH_AmGLwA_r9CPZmWrX4KttB8PoXsDpCK2wDFb5J4vbgkgLCPDljHBDMMI96MLfV7Nidj3CmyEJ1ASiM6tX8p0D4Yvkmh2LFBlbQTavHYcGN5qEf_FKF-WyYKhABQ8kJDtV5gnF4rQjKG78SiZl01Lh_DJqKRLsYMMpqk2UK3gVcqLlpUyWQbOmJEmYcHhbCLu2-NjrisTpJPBsjDbhSIxx-AtXrOKnIGyqbj0k2visHlbBccYdQmIUDN41UCe7RT-OZZRgKryWux_IC5yeMu42lyHKEjAETYwLctNF3ZijzZv1e1bRVKXp9dIP7S-bWhVzE_Qpd-RsbX9jJ77Kp1QvEhzN9SPKdzq1eaMEkwUEjs_OwUQPQZtavKHOEEhbIdqviIcrzhbqaQ3vD84JMWEzA6SgxgFs9luxqKoeu8_zJ7-RpPlX0gIcBcbh4uwkveATyc2MvxoxbZfWzSUsr0B_6Z7Bbm2SONOBOhucI-UYmw_RpokVEWQEHNkkpzgBojAYLylHbN_dTJsk54XPx8hW3Lb809I8A0jw7vdphMee9xDLkpzturaEKl_jfVUwQ&cid=CAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=12378267314779064000&adk=250412560&idt=118&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame FE2C
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7Ga...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7GaFi9872j6ZNbAx92aWkPUe--Wk9...

73 KB
25 KB

64ms
63ms

Script
text/javascript

66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7GaFi9872j6ZNbAx92aWkPUe--Wk9NPGhHwpu5CyrxoPwy2W1khgTr3U_0Wr2H7Qlcrlr6_m98797kXjUpPvFVJvm3ZAxwO59GE-qxG_XuWugqAdvmskBYOsrrgsoRYS-RQAoCZ_4LkOtTZwUYJC8WH-z4oal2al94F2LCeqAmkPBQ9kET9LMDCrHdR7xnyzp-0-PXyB7AMq7xGxzhES8nQwTdTCiVaqxsKrc8znqKUgVo_wW-ymAE871NOuy_ybWh_xvancMr1yJyhNydSicuYRKStr1fqaZ72tSRq--iT5HSVWt5ewW784HJjFfw2N86u9mSTvFHAc7TlyUvG3lZoDj2fzSLgn6holYWzOfA0r8Ew2i0ic7babhGNQFhLDB8xWbz_q15yh5IOIKhXJWAGI2eRwfh5aU7jgBPvLoB1QWUtIHBwHY8GSqy4fKRyxGYzgcFFnaXHMPzyJ5M7LG61tbzW-Hj3tFiUi3Q-Y7pLbG5uySgkcJYDCSfHfi7fNbskceSI1BoKclHySTtXlxAJwk9YOHOIHt9zSgDpvnykK_Rgus0nEC0ZgUQ2gqwDxqKRmtwqEYDPTtpbBYHL2t4-n-CE2wgtmK9mjA-Ih0Bhvamyo0D0lSYWgGVWw8UQkN3N0hHlHPgDUa8AKRsBw4YRH_FBZQc6Lswn8zFXKvuHN9KLUXtWhigjVNJFWVnSH7bLYwWd09i7cYmuKb7Km_jWZpSo_zHX1oZrDe7WGS4w4PWrZbpzCK9f0BJAvfYgYw5KbWWYn_tV0W4io8w_pV7THtiKKi_f6-EmX5nrd33HYK42fCcUmG6gTNAiJFFUBQnuPXWriOZMpYztEJMtbDkL1dMjYvutZ0s3cOrkItninwyd498ZHYe3N8Ea9QgkzkCLQPJl9bruotV1D2sF2NM-WWUXV_8BA4QrFzCno49xAGT-_4Wm98zumnlq_kKe9MJm35dFPGsFOtywHkMiUwxf4p0AHPJJNPpAji8GPjafL9_1fhvulqUPHj0_eGqd-PYU1_JbnGgVZO_fbG4D87cAoiVxMmoSb9IMtsQxF93P9gi1RBgA6c_lLNC13b6JDmrjjLKuyWhy-SuKpfvdqhUHe8gbkxZ_kjnCzqu-6Mo4atHv2a72J3d0PbdlDK1ArPWlqk5L4O-cQjAsRr1eDFKrZAtUf3SjBx-EWb40N2Ni410U3ZWJNIixSv6EoI3A5qfLabuf0QXQ_iPv6r2OuRGWMMp92KOwveJ9R8hyZCdWZFmqKzQR_nGKHbhB7u5ywqokrU8t9w1K9VXsn15KsaZnBzohO4-Pk76_SP8Qh1vmSqoXcspYz6YDQ-lnEL1cF6u2h7v7hRzddpRyEXtZGKFCTDKraA6z9bJTJn2DEjgXYWCvIpioiaW6A-xjDYPCpghJhp3d1hhjjfi3Sjm1c1xA3Wmrj35LYyC9vWzBpBuG9VVgBPai-G95LZIBp2NnayY3wen7k1qguXkciDnDI3vGuUZfw7o6Y8aReP973duUzd0zyqRTv7gl4beOppS6mKubk_aERQVEC9Sol1HrxCVa6t4mki1765xQF2z9CEqBPg4iqWoKpPWrJbakNpNoodZsfM_cguglWas8KK9zHWxKQNO-25WJ6SwTRcO3SEQV-BPHnS3wFAZru0R7e1S3GtzK1SvpvjmcZ29nrs7h0dBYA8h7Ryx2IUXqgPG1DfNVG_UK64NL_9KStoHB_HJs9EhsgxpHoYBN-_Z6V8kTqmy3frs-AJ5c7qMXCNG6iK4TdDoG0CosoE_h9W9kEwyo_vHfP6cW9y7ymX6AIA0MRb8oeEr-_miPU24cJktnsk1-mi4Fo6fXxQ_ir1XPOwglQR7SqR2yEzBPVyVqA5aQ5Vr6Q4_Bz-rHkgKW1hPD3TfZ0OiY0u9i8ilAOsc-ZzEHqDMClUvJjEjVk-LRuh4wjz5VHB9rGqDUExSJIjTsqnJOLrH6rTQF6sYPuyVWs_UxvnKKXVNr5qQ20C1--_FRBPs5lmnkNQoLvR5yBfDa1JlxkECo2YtD98rsMSeC3Lo4_xSxXtiEZyWjNFeSxmf4P2zLtK-pAlaGoMaxJbCwoKLb6J16AOnl-VvJ4H_o7_rf5l8iqvkPgcNzUv0YUxxbkv4wLO7MI41U3juLQAAydWByt6o4GldOD7tCTmixhYwfsvArM1_vwL0PQj0-wgXM42X1HbdaSI5q5cLLA0NiAibR0JGxSGuHZ_Fv3O1OLTHmF4IPoWFDSMMURi55fiz-992DYFrhbz85x1RMN2eHUjIQUWSYZm6mUMvQSLnwSbG3WJzeHzm_B7MEQiC5MpB1XVbwgmhBSlP5Q6Np_hGt7QcuLh_T-zRhaj3EsfFMYgguOhdNtGt9dAvkWQ5LtbIQtJ77z816mGc4mqsGSUVtwy2CtHL54HkiMJNxADU_bmLn066-91LBRStuDTr6wOb5QdAmI3A9fkIG76n6t_QyRy7K04mKgLdNZB7_XBFfHc-ZRWiCEEnDFKIUvG1Df0S00A2YPm26MXJ0OnEWgnX3pXvV6PPMrLIsXrPUUmj2YCsH6cO47lqO6FVblNAX4aDCb4QBqebI3hBCqfe1fRwXlii_9fbHJ9JtjsF3QGGcUtGs1optSMtqxSdSZQR6kO9wYUJM7m4Qy6bTZPHtDPL3F-1YVA0BaK-N4PADyDCE1rNbomQ5oNpyE41N0Jab_hvyPPDd-MPr4gwDcOgzXI2WrpcN3gB1CnEMWzgFQ4J-l7wYrBBSl2GR7Bx83C7R0XIWROsAT1SyXzd7RYQUp8OGXUcbCX5oYzumeOzVTl8K7iHMDmJjcnZRY2ktsaMkpp0ZADMYUMEZNLmnfEFCbXin-MJM8XOKjqcAuDCIYJ8BGDLF9fSLLXiGt2MOSpj9iC-1FGpvoTAptWssdlxb-JHcG4AQZ9JoaUC9SK_c1YqMOZ4bPEE2KzHyEadlkiAj7tB6lvkynh_6nL8kePYs9MBV6cxhA7dWFMpueKkn17mxOutNbDykMlkcvVCVChyIqq-VgXI5mYbiiUgNahTpdnp_1MnkhTmFnAqxl2ekszBZPUA0WDND5KjhpcTIlkdQMN_YRMlOvZgYu3gt6wAayEgOShdVK0OIvnbjHckghu7FtXrQVTxvEeTzSH7ODg06fnIBRrUzGYGfEKEF0O2rvyOGawdMumuYVvNtkal8-Tc5Aa8LKyoy9GH29n7vZsDpxL-0BiX5JSMjicOE4ldCJoY3J0LX_n72skQb8Z9ZRxHKHykzUseQXWp2t97tNUUN5Y5dq0CXYViEhK2SyDWDknQigNZfdViBCqMz4zgu-5BtyMjbQqzCmIW623IIRdaqsMv7DaYlmqlBUSmoja_k2HCdZEhL7t9liCzRtGm3Rp30NvaTgQFKfajVzEVCzPs4lLsbNJpLrFmU6kHwlW6BRIeij66kWoiD4Yx3j04eekvo0wlCxFSIS9NMZf90-mhVjuJbvGeEnNz7j-5E-VpM0VxceoZtRH5CiTRsZfJ8dUvVlisVRKQBLLvR5YfoOEk3050zaCs6NGgenRKMh4wEF6wM5AXaO23K47pCPHHC138tGu_mxAm2w5dLlu-LMusEkYnWaz8AzGc7y9hZuoqKLMWWP9m9ADR6cO6HYCaiBckG1rB8UCqPOX4d185UX4T_HNP3hFrXIMxDOwurX6GLQCSWqS8cUjmfFUNk2gQUHQRpVCAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAWAB&bundleId=&ias_xappb=

Requested by

Protocol

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

cafe /

Resource Hash

0ff71d5065ac7b60128927f0519ef6ec4afdcad52b5428dabb3851ec339277af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25665
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7GaFi9872j6ZNbAx92aWkPUe--Wk9NPGhHwpu5CyrxoPwy2W1khgTr3U_0Wr2H7Qlcrlr6_m98797kXjUpPvFVJvm3ZAxwO59GE-qxG_XuWugqAdvmskBYOsrrgsoRYS-RQAoCZ_4LkOtTZwUYJC8WH-z4oal2al94F2LCeqAmkPBQ9kET9LMDCrHdR7xnyzp-0-PXyB7AMq7xGxzhES8nQwTdTCiVaqxsKrc8znqKUgVo_wW-ymAE871NOuy_ybWh_xvancMr1yJyhNydSicuYRKStr1fqaZ72tSRq--iT5HSVWt5ewW784HJjFfw2N86u9mSTvFHAc7TlyUvG3lZoDj2fzSLgn6holYWzOfA0r8Ew2i0ic7babhGNQFhLDB8xWbz_q15yh5IOIKhXJWAGI2eRwfh5aU7jgBPvLoB1QWUtIHBwHY8GSqy4fKRyxGYzgcFFnaXHMPzyJ5M7LG61tbzW-Hj3tFiUi3Q-Y7pLbG5uySgkcJYDCSfHfi7fNbskceSI1BoKclHySTtXlxAJwk9YOHOIHt9zSgDpvnykK_Rgus0nEC0ZgUQ2gqwDxqKRmtwqEYDPTtpbBYHL2t4-n-CE2wgtmK9mjA-Ih0Bhvamyo0D0lSYWgGVWw8UQkN3N0hHlHPgDUa8AKRsBw4YRH_FBZQc6Lswn8zFXKvuHN9KLUXtWhigjVNJFWVnSH7bLYwWd09i7cYmuKb7Km_jWZpSo_zHX1oZrDe7WGS4w4PWrZbpzCK9f0BJAvfYgYw5KbWWYn_tV0W4io8w_pV7THtiKKi_f6-EmX5nrd33HYK42fCcUmG6gTNAiJFFUBQnuPXWriOZMpYztEJMtbDkL1dMjYvutZ0s3cOrkItninwyd498ZHYe3N8Ea9QgkzkCLQPJl9bruotV1D2sF2NM-WWUXV_8BA4QrFzCno49xAGT-_4Wm98zumnlq_kKe9MJm35dFPGsFOtywHkMiUwxf4p0AHPJJNPpAji8GPjafL9_1fhvulqUPHj0_eGqd-PYU1_JbnGgVZO_fbG4D87cAoiVxMmoSb9IMtsQxF93P9gi1RBgA6c_lLNC13b6JDmrjjLKuyWhy-SuKpfvdqhUHe8gbkxZ_kjnCzqu-6Mo4atHv2a72J3d0PbdlDK1ArPWlqk5L4O-cQjAsRr1eDFKrZAtUf3SjBx-EWb40N2Ni410U3ZWJNIixSv6EoI3A5qfLabuf0QXQ_iPv6r2OuRGWMMp92KOwveJ9R8hyZCdWZFmqKzQR_nGKHbhB7u5ywqokrU8t9w1K9VXsn15KsaZnBzohO4-Pk76_SP8Qh1vmSqoXcspYz6YDQ-lnEL1cF6u2h7v7hRzddpRyEXtZGKFCTDKraA6z9bJTJn2DEjgXYWCvIpioiaW6A-xjDYPCpghJhp3d1hhjjfi3Sjm1c1xA3Wmrj35LYyC9vWzBpBuG9VVgBPai-G95LZIBp2NnayY3wen7k1qguXkciDnDI3vGuUZfw7o6Y8aReP973duUzd0zyqRTv7gl4beOppS6mKubk_aERQVEC9Sol1HrxCVa6t4mki1765xQF2z9CEqBPg4iqWoKpPWrJbakNpNoodZsfM_cguglWas8KK9zHWxKQNO-25WJ6SwTRcO3SEQV-BPHnS3wFAZru0R7e1S3GtzK1SvpvjmcZ29nrs7h0dBYA8h7Ryx2IUXqgPG1DfNVG_UK64NL_9KStoHB_HJs9EhsgxpHoYBN-_Z6V8kTqmy3frs-AJ5c7qMXCNG6iK4TdDoG0CosoE_h9W9kEwyo_vHfP6cW9y7ymX6AIA0MRb8oeEr-_miPU24cJktnsk1-mi4Fo6fXxQ_ir1XPOwglQR7SqR2yEzBPVyVqA5aQ5Vr6Q4_Bz-rHkgKW1hPD3TfZ0OiY0u9i8ilAOsc-ZzEHqDMClUvJjEjVk-LRuh4wjz5VHB9rGqDUExSJIjTsqnJOLrH6rTQF6sYPuyVWs_UxvnKKXVNr5qQ20C1--_FRBPs5lmnkNQoLvR5yBfDa1JlxkECo2YtD98rsMSeC3Lo4_xSxXtiEZyWjNFeSxmf4P2zLtK-pAlaGoMaxJbCwoKLb6J16AOnl-VvJ4H_o7_rf5l8iqvkPgcNzUv0YUxxbkv4wLO7MI41U3juLQAAydWByt6o4GldOD7tCTmixhYwfsvArM1_vwL0PQj0-wgXM42X1HbdaSI5q5cLLA0NiAibR0JGxSGuHZ_Fv3O1OLTHmF4IPoWFDSMMURi55fiz-992DYFrhbz85x1RMN2eHUjIQUWSYZm6mUMvQSLnwSbG3WJzeHzm_B7MEQiC5MpB1XVbwgmhBSlP5Q6Np_hGt7QcuLh_T-zRhaj3EsfFMYgguOhdNtGt9dAvkWQ5LtbIQtJ77z816mGc4mqsGSUVtwy2CtHL54HkiMJNxADU_bmLn066-91LBRStuDTr6wOb5QdAmI3A9fkIG76n6t_QyRy7K04mKgLdNZB7_XBFfHc-ZRWiCEEnDFKIUvG1Df0S00A2YPm26MXJ0OnEWgnX3pXvV6PPMrLIsXrPUUmj2YCsH6cO47lqO6FVblNAX4aDCb4QBqebI3hBCqfe1fRwXlii_9fbHJ9JtjsF3QGGcUtGs1optSMtqxSdSZQR6kO9wYUJM7m4Qy6bTZPHtDPL3F-1YVA0BaK-N4PADyDCE1rNbomQ5oNpyE41N0Jab_hvyPPDd-MPr4gwDcOgzXI2WrpcN3gB1CnEMWzgFQ4J-l7wYrBBSl2GR7Bx83C7R0XIWROsAT1SyXzd7RYQUp8OGXUcbCX5oYzumeOzVTl8K7iHMDmJjcnZRY2ktsaMkpp0ZADMYUMEZNLmnfEFCbXin-MJM8XOKjqcAuDCIYJ8BGDLF9fSLLXiGt2MOSpj9iC-1FGpvoTAptWssdlxb-JHcG4AQZ9JoaUC9SK_c1YqMOZ4bPEE2KzHyEadlkiAj7tB6lvkynh_6nL8kePYs9MBV6cxhA7dWFMpueKkn17mxOutNbDykMlkcvVCVChyIqq-VgXI5mYbiiUgNahTpdnp_1MnkhTmFnAqxl2ekszBZPUA0WDND5KjhpcTIlkdQMN_YRMlOvZgYu3gt6wAayEgOShdVK0OIvnbjHckghu7FtXrQVTxvEeTzSH7ODg06fnIBRrUzGYGfEKEF0O2rvyOGawdMumuYVvNtkal8-Tc5Aa8LKyoy9GH29n7vZsDpxL-0BiX5JSMjicOE4ldCJoY3J0LX_n72skQb8Z9ZRxHKHykzUseQXWp2t97tNUUN5Y5dq0CXYViEhK2SyDWDknQigNZfdViBCqMz4zgu-5BtyMjbQqzCmIW623IIRdaqsMv7DaYlmqlBUSmoja_k2HCdZEhL7t9liCzRtGm3Rp30NvaTgQFKfajVzEVCzPs4lLsbNJpLrFmU6kHwlW6BRIeij66kWoiD4Yx3j04eekvo0wlCxFSIS9NMZf90-mhVjuJbvGeEnNz7j-5E-VpM0VxceoZtRH5CiTRsZfJ8dUvVlisVRKQBLLvR5YfoOEk3050zaCs6NGgenRKMh4wEF6wM5AXaO23K47pCPHHC138tGu_mxAm2w5dLlu-LMusEkYnWaz8AzGc7y9hZuoqKLMWWP9m9ADR6cO6HYCaiBckG1rB8UCqPOX4d185UX4T_HNP3hFrXIMxDOwurX6GLQCSWqS8cUjmfFUNk2gQUHQRpVCAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAWAB&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C096 91 KB
23 KB 105ms
23ms Script
application/javascript 2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5920058
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 7BTt7YQiJxUUVmDUeoPJwA2NyNjiHAwmgIhUfaMBt0XVaK-41Z4zIA==

GET
H3 200 css
fonts.googleapis.com/ Frame 4C86 6 KB
706 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:15:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4C86 2 KB
822 B 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 4C86 23 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 10:09:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4C86 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4C86 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C86 202 KB
64 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:48 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 4C86 37 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 539ms
178ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJBzI,pingTime:-3,time:52,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:360,h:280,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~360.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C1811%7C1911%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
216 B 534ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJBzJ,pingTime:-6,time:53,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~360.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C1811%7C1911%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&tpiLookup=ao:www.gaflaquiz.xyz*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD09
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
736 B

48ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVpuoTpvI0n2h4IPIXGzc_bDxhlYmdfpRGjUuaC83nN1FlwTQOYRXCPTyLHhKkCxSDjvQogvKEloTFnygH8TNO6VMw2AiZ8McD6U1wDR9H-2seg-YKdw8KRZDGQqrBDjP-3bIJUJ8vEUB5u4fDpGVHk6kuXYBnxsDUcj9cUAZ904-81tWc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdqR9QH8EE2lJItjbIMTy%2F6qMKqiZvuAs8fwA4YiV2p5e7cVX09CBb8UYqWbMwoeSsPWjV7c%2BKlev%2F19oWCI%2BmVq1SIVNJnGUfYweSc%2F3WkVrMS0votfnenWLgz%2Fmysjk8M96hzR3GsKKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a89ababe9bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD09
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
731 B

43ms
43ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVpuoTpvI0n2h4IPIXGzc_bDxhlYmdfpRGjUuaC83nN1FlwTQOYRXCPTyLHhKkCxSDjvQogvKEloTFnygH8TNO6VMw2AiZ8McD6U1wDR9H-2seg-YKdw8KRZDGQqrBDjP-3bIJUJ8vEUB5u4fDpGVHk6kuXYBnxsDUcj9cUAZ904-81tWc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2RHLCe5VOgfOaek1lgdX61RM2Xz9Lv1Rj%2Bx2UEbalLbvrqWcBB2EYPXY9dTxh11hjBaIK7Fk%2F9l129JSfnEVm1%2BIFv5t6CmXjpyttjhETzLmF9J0L0TaDuBPGRym6F9bN1G1gSurob5xA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a89afb119bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FD09
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

43 B
841 B

30ms
30ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVpuoTpvI0n2h4IPIXGzc_bDxhlYmdfpRGjUuaC83nN1FlwTQOYRXCPTyLHhKkCxSDjvQogvKEloTFnygH8TNO6VMw2AiZ8McD6U1wDR9H-2seg-YKdw8KRZDGQqrBDjP-3bIJUJ8vEUB5u4fDpGVHk6kuXYBnxsDUcj9cUAZ904-81tWc

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: 122fff27-c4ac-443a-9896-b2e9f2c89325
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD09
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: 1e2f2e6f-fc26-4ec9-a564-fa208dbc037f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3E2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
732 B

54ms
54ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNX2ABD-kQtjr0LkTAFY1BxCT87fjEjoU4aU8yiAMp8a_OzBwLFTRSb8QfQQdOmXWzaXFDKfaiKX2IsgZheiYjr-X1DEEBJOsGBneio2Gt_a22hqvWB_shpNm4nI_CX7Bbg1eBnoc71JfDw4xlJkgJox0NWSTncDrrKMnSQiM_p7TRNxN1g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i78E39YXwNVxkwfITJPiML3TWTE2FapbQ6h3lQ8l3W%2BnvwdZwvq904UYDp5bgs19G8z3qC%2B6ltVUka8c2GEOPX0ablJ1Hf8a8vcCTkCNYD253rHCK0kjWvinN9FLJ%2BENw2D4Ltiqcg38rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a89abac19bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3E2F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
734 B

39ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNX2ABD-kQtjr0LkTAFY1BxCT87fjEjoU4aU8yiAMp8a_OzBwLFTRSb8QfQQdOmXWzaXFDKfaiKX2IsgZheiYjr-X1DEEBJOsGBneio2Gt_a22hqvWB_shpNm4nI_CX7Bbg1eBnoc71JfDw4xlJkgJox0NWSTncDrrKMnSQiM_p7TRNxN1g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJYJQfN0xbwEq2OVjyPMXJdbpc4pbtScLEcrRoXNPIQvvPXKbJRggSw46j9O0NvlXRK%2BE18ZY24l7SuPBZu%2BVjsfX8JkvTdnQLmqLWowG%2BgyrAZaflk8JM7bm6Sz3ELNUa2HnAk0sfI5OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a89afb0d9bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3E2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

43 B
841 B

29ms
29ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNX2ABD-kQtjr0LkTAFY1BxCT87fjEjoU4aU8yiAMp8a_OzBwLFTRSb8QfQQdOmXWzaXFDKfaiKX2IsgZheiYjr-X1DEEBJOsGBneio2Gt_a22hqvWB_shpNm4nI_CX7Bbg1eBnoc71JfDw4xlJkgJox0NWSTncDrrKMnSQiM_p7TRNxN1g

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: 52339206-f7de-46f1-b6ea-3b690f7a41f3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E2F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: 0d4228f8-953c-4ad2-8965-b4d56d0130ca
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6B87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
732 B

41ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNWWqbB_FPRI5kWSbuk4noPIahAfCC5DRSVhk89WYU7ppm5hjHCVffUOnrxxGHB_BjrboPixK2m_GCH3dw7-b_movoxzTwP1pZOyH1hdaVx7s5GD9_c9BOPw_y3yvJ6vFQuzY_SUlp7tYOuFa8mCq7xqocaCEmQTf_VsC3BSWV0tdosc60g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfD7fcEY2Tp2bzxz6PrS35dmoL7vQ3sGG%2B6sqdmklMMAuYxpIZIj38d%2BAtCVeS3aCjJSMtefro9JogJeCtARNwglYRukMKMIeoYVOMhTN4ZXt4gIYEdG4YUnm54w1gYpJCk%2FjVz3bMnIGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a89abac89bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6B87
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWXe4Mm3EOp3ikkf3ajvaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1

43 B
731 B

37ms
37ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNWWqbB_FPRI5kWSbuk4noPIahAfCC5DRSVhk89WYU7ppm5hjHCVffUOnrxxGHB_BjrboPixK2m_GCH3dw7-b_movoxzTwP1pZOyH1hdaVx7s5GD9_c9BOPw_y3yvJ6vFQuzY_SUlp7tYOuFa8mCq7xqocaCEmQTf_VsC3BSWV0tdosc60g
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ag%2FmVxTJ59VoV0%2BKk0p1lfD3UZo1yT4woSuMPEUOh0ccqoIB8x1MmYrqW1ym0Mj8bFrnKZULmjjDGtggdhMprbUDsq5Hsplm050WfSK0uEED0q8NVZu%2Bx1KZg9Uann3ATd0q2GaUwZLDfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82d2a89afb0f9bbc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJpEFlIXYbrGyJOWV5XbVJc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6B87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

43 B
841 B

30ms
29ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjPlIz8ATAB&v=APEucNWWqbB_FPRI5kWSbuk4noPIahAfCC5DRSVhk89WYU7ppm5hjHCVffUOnrxxGHB_BjrboPixK2m_GCH3dw7-b_movoxzTwP1pZOyH1hdaVx7s5GD9_c9BOPw_y3yvJ6vFQuzY_SUlp7tYOuFa8mCq7xqocaCEmQTf_VsC3BSWV0tdosc60g

Protocol

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: 4313aeb0-8fd6-49a4-9b72-eca9b5615586
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOEWvED7gsX02HrJZMYxbDI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B87
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
an-x-request-uuid: c6580893-eea5-4c49-877c-15ff0a78c07c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcwODkzNTMyOTgyODEzOTkyNw%3D%3D
x-proxy-origin: 217.114.218.22; 217.114.218.22; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2796 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An_PKAzWdcjhiwpW_SfAI2-_JkL_jmF1fSAF8kHFMv_M_pc6HxZSH4Ph5u2BR_hj1RVg6ELiKtwYJ9--LotPTpGGTqKNg80boNyo-xWFQqxizukL5aO51N6eNNjNn3xr1jegg_Czv2c26CyE5FrhpOIPZ9uDS6X7SJpucD-4t6PUgC1fc&cry=1&dbm_d=AKAmf-DFePaC72kWC398fo-nsAzdB-H3Zge4s8P65l-ZX9LgIkfZ3OC-Q1Tw8YGDZmWcfu-tTBm8P3YapOYmfqJ3s8heRQNbqnbPO8bWaIX9tl5qFATBKevuKXnUPgtHO0fmys71QDIwI1JPrNlaUHiM35DeFoO6s9lA4VQmw1xYHUNDasgJ8EBHI_xauicvGKg9cI8e0xvXpY2y8RiUpp889HR_FhjmMiVNt9tbgaL39IAcgQyALXxmts-l-ohIDkR8gViTL1T7vmLwgTpZ1R3H-l6w-gS0x6_Jija-W53MwRzZF2fpbCltgeAlLe2vaaIRSHWDyWB9ZXDjp4OhqqiHS5Pzji4MA_RXCMaK3s2Wfjtu2HM_heMLKjz5_T2I-jPbpNsbQrDjRGgs5L64bpqx14Ph8EwDMPAZEAF6EjSO_VfN_V63zDzgtOfa_95olC7thWd5yMciHHxqIk1rcw7R2GYKlqLndA6_SWNgYmL8PeB7WAyS7T3QI61X-Set2CpVG6qTwsjwxSnJZ33VezuyPuWvdjhlZi6i5Tl8ViNG55bcimL2VExSMTJWznc1qdx9x_qtjp0q3xQbatpvsU7udmE1M2OJUSG7qCefwyyauYwF1CdzXBhIxdOraiZkpSSf-7qRZIqvR2R9EVOImGGaXtHG8hQPcYBWMPc-eSYyKwSMtoXaB1oaNLM2kTi5iL8V37qMs-VxU6tEmEnSrQVX5wuT3ecLFxVxkx1gbMgxqBEhSBiwslbl6TdnqcBdJvVHzTKpzlqMPQ_UYzCop4ndlbLrM6n0fA07-UvH-nUf_X51Bhx_Odk0VLJgBFhvRZ-_r_er0sA6OPFE8SggKKLXY_4UtDWoCxDx7ioUO97PDGZmsq5Sa_MNLQw8dqv8cYKYdqKD_7zIqM4B1nI0oI0wYCwlvYaBcu1_-xUVhUtfRUd0lem95_fC_u3dbitBqcVmc_sm5LFmCZvMzrFv4zik5JmJ9yk4y9jRZDzGof4tq-3UhWNFYS--_Mu7mbTPCeP6o4qcSsRrcJWd2240g7hk2WdL6_aCTBPKdzu6PBKeJpSxXO2JQ_ZzGy0Ji14r1Bk7TcBEQIFZvcOK8umThZMXqueqxveOb0RDJBJ8mIEkTOxiUeoHtcGP0dSIXakl5Cil6cnjZvNOz_9Y2sCMnKpUOvPfjT3MNKs0MSZ2JGi-Tp61DMf5nDb9jNJCJ8A0W7UsXbISSsZiQTtbro6WJJD0bp0z9YV16t2EKtx2pXiniL3J4gWX35fX6DAOOy85gNYgXNz5FZquVbwWjf8cFOFkaBohM0GFCjCskpo7IhTz-RCUC7_pGuml0p0FxDKULv9Y21tA-TvraR7heCAzoD80mysBGnVY6DjL13S8fnSJcnCpCCxiQ-C_GxlCGgMgbqQ7moipjeH5qmQdJPVNIvWuCSQOggGgvl_t-LdZw-UgD6d2uHf4eMYrkK0XIti22krVyHaJvx1G9YiOhsv-kKOL6KiqBY4v6NCnYKqeCGPeNj_hObjekKGXeSD41fkd3eOreI5KF1kfz4bsMQmlZgAVYU2i9IkuYez8wED1LbmFhud_P7yJ95BXOeroBCxPLWabnuQHg9TpjTMfEEnk8MegmT1HsrXw9-_j2UL9M-Vz6uepbgg2pHg03BEM2IwA9uNZjCrk2gAkZ-MJnZqGwHnbTw_KnPBR5pZhGVfFRcrqQddofYcHJxpFVC_BD-FCN1EKN9GlxLsm34vHDmJEJA2pWI69uRYebSPPBk3FtejXzzWEsXlL7KSe_ApfqkOlRT_X4Cqwu6bI1L0qC05navn0i1T1LY44rp-FBF9nBnCDRdFvYOW9gS9EWQmVbLn8hQ_xCpsPqxPq8HNWN6nDINpAOvW6XhqIJWupIGBPRQDzbE7NKm2NT6V9eKKXH6Lhdww1ClEh5keYiW4RD8VNE1UciRyFcrr7gKjug02235YrGeb7TEi9yKhPfuYgPINc0HpdafspjGcLY18vXiVaf3vY_jEEwVB1wrcRVOMx027xAqhHki3rgQ7LjDru8hvzyzHX8ad4LzZ_ff1YuxLS--TVUqySdUADmlGmiLKKQ_O6b5fidrxM_4y1YcHAKOxcSlfrxPH7Cf13xaunjdeVrbHm2d5w1CNwwad2R4vLG749SG-eYKdL3fNhKTnHU9At-dEOsN5ctX1UTip0h9wp4TdNS6CB-ZcIQZ9_76Mpn4oLFjTDqWuEAVNHTAgFG2bVXIsTe03rs7etp-ip9TpCP3SaK5EPDWbsRhCgY0omUdh986CF4zyEr7NrMGjmzceRXgxMf3qiRiuhO2OUZAt6ROvCfxnsWKGHIKv4rRfIhlOSooxoS_rNSzG95KMEL3K9oQ0fIAaDICHuP89D14s4BH2Xb4ilrDUb393Sch4Q964-DtkcowbuOQmZwBeu99Wsl58n8l0OO0d_tllU0TkXxxVno0ZJxXrIrwmco8scv1DQd8p3P7Rykf8VpwqEMLt0XvBCKN7HeCE3uTE2bgy6gCmCHwM4sqQj2PDW2CURCEaehUtjjsv5TmHf-x_DVEIIG9EIk6GdkyspkPOqjG_ljaiibISdcbJ4nF_EQJ9ItD1F2kZiBpsnHMCzLocO8lYqSWsImYQU5wzsRdeq_8gAFDRrSA0BTRRYQRdiHx5Gkk6RKy5-82OsDr7RRcVIb3JEN_LOeZfJoP9lknRa_yyrR2JDuShG0qHB1cvqxsMQ_t3S1wSEFA7dl3Zdfs5oFH5tS_8p2NpR3p68AmsoUkjdkCFsrYFmuLl7elbz1pZvJYRUrEEV2xYSSzCqzfpKgkbsqSoR0l6pkOA23cq2PydMtWG0LZX31aEewY67J3f_aEJkxk6vFvMEncsL_0uowqFMsabVpJdbGky4O1s_wRFn6YARMJ0IszzumcKc9BPeRG8EAKXDROOMVvVGKku9R2kxa_KrV6GTUaniGBkCbAgWnB11T39rr3SJ_JhgbB9n3HhrocDda8xCsWcp2rEPgyf3ZqeDotm5aYdQtRyTihYVL_hQ2E63b-YJ38TMEFL-7_7y88n-om3vtc0b75zS5St5c03NQ4buOzcVDBwF5YpAfv8z4X96nz30HSm1gfM4C7mwC_Sj0CJmlpAp4_BxS7717dPP-AKC8V1DHwAkPbidKUdOLYfamT7T0H20nDtpAPCoBR9Jgjk_OMrnm6tu7XrJUZta_IlJt7DL_WpfaqWrhGfYDA3BDTkgBpAnC5-F5dL0E8iFEIK5tEC7wwih7Qpe3lm6YjrbgYN8nPdCOS0tUrxEpuwOyUnG5Sx7UB8cRLl3ev8z5XACh3eZ4wS1VLJc3hwIf4b5VvW0VwIGwkMwdrczSD5nyjry28EuRMyMfbycREA-vFUIu0ukxh7zwdCfXecVjP-DwJAX9ww4KVRojp5Jbbo0_uM4f8-geh5VFya3YHZKXUa1adSJW7CsJ57v2WrJzGDDdvCd1z3z9WP4NefNrR3Bhco0eJEBy4dcRoXebz27oRfThnxs-mMywbTeO3vebKhSa2DU1PenUvuhPKxretcFpy-9lTF3i6RN-TMu5c0jNrplnv2hqbzLgu9H-3jzvtn7DZ8zN3Sl6-63JybLHAPg4Imx6E3GTP0bsglMh0WriJNkgOOPOrAUgJYs0XKnd1tBLNC8PZNF5PCOOUFnmRlJBF-0e-BkGiZPfWl-bOydKe8usiD49ZnkgW9HmYpqv8-8GbbZGsV6UxoCy3nNGe5lGFoVbuWo9Ou-5tNU6gPSnTvWBEY&cid=CAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=5974193147930523000&adk=356101037&idt=150&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE3NTAwODEzODQ3NAogIHNlcnZlcl9pcDogMTgyNDc2OTk2CiAgcHJvY2Vzc19pZDogMzM2NTQ1NDEzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 2796 0
858 B 123ms
57ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE3NTAwODEzODQ3NAogIHNlcnZlcl9pcDogMTgyNDc2OTk2CiAgcHJvY2Vzc19pZDogMzM2NTQ1NDEzCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDEyNjA1ODkyMDk1MjU3NzMwOTEKZGVidWdfa2V5OiAxNzA4OTc2OTY3NTU3MzM0NjQ0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0yOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc0ODQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDg2MzgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FkLXNydi5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9rbGljay13ZWx0LmRlIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xc609a60aeef815520000000000000000","13":"0xdc96607a738f84370000000000000000","14":"0xcef74da04684df550000000000000000","15":"0xcc97493d25356c560000000000000000"},"debug_key":"1708976967557334644","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"1260589209525773091"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 519ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJBA1,pingTime:-2,time:71,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:917,beZ:918,mfA:920,cmA:921,inA:921,inZ:923,prA:923,prZ:929,si:932,poA:933,poZ:946,cmZ:946,mfZ:946,loA:971,loZ:972,ltA:988,ltZ:988%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:360,h:280,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~360.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C1811%7C1911%7C1a1,idMap:14*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:15,sinceFw:55,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 2796 11 KB
4 KB 83ms
27ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1701175007517036&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6nBf395lZazHH8Cg998Ph5K-4AWm5b2gaYWVnKfJD_AuEAEgzf-HfGCVuqaCsAfIAQmpAgO3WWv6X7I-qAMByAObBKoE7AFP0ExO4ep_ejo3CNgmlxlt0jPFrozQw_9d8x3Jl7MmoIZneqS8_MpEu-bo4KgvmVidlbfabaf2jo6p77_sPD5xUOtAUpzrhvpsiB1djOGMgNy_Cz6H9gDaEb9njOUmdgMLMm2K41w6b822ORyT2_YJb84IWfnqxcktMQHljPgTcDTre8xF9L5LT3v9K9l3igydIr2n2wz5qyG54LNp1YaUs5nBBWPdXLL5l1L3jDo9utnT4Rbv3X7Dib-0t9A37rtaqdj1lVzniCRtJvvOx369EHJ4QJX1gpN1mWU4uiNmeZlEeb5eVH6awcF9KcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB%26sig%3DAOD64_24fUfVLbd7fF5gD1oHtqAYs_MNpA%26client%3Dca-pub-2462751652998210%26dbm_c%3DAKAmf-BxAiQs7zW-uW0agVvsgVJElD2gM07K3SLHODsjko4wycpOJoOSzAPiPaeh8u6JwgU4mgpl9gb4ibvrynHgCuwpPrYwo_vrcgvmsuzvR3kT0aDNkEzzc-LFe2wCsCUllEt1aVoikxIpvnx2if-Pd9Q4H2R4duHWdsWVvHYtb7_1qWxourY%26cry%3D1%26dbm_d%3DAKAmf-DGsPUCpKGZqG5b-GlsVXi4nudm4ibIJKXcg3KCptgQ5hcPHb12BlK-De3kqloylHqxIP3-8RtUECZk2V1rX05hVaCedo1xu0U3ex-DboypxtqTo4xYZD4BVRc6uULMfyFYf7fepDIZhkyHyf0JY3qQmUaWPKCUukjnUV0xLiJH1J1GR05GtIVbXn1Tc1VRpMLWTQ7xEhK61GeXXXacDNXoTUCLkY8C9ORxAsxzfMPJlE-W4Z6RE8FIZxxxwewswjh50lHyrBMmvClguV9lAMaN2dNiZ4rZN_lIOyCRjWfBPqXpm04ZC3Hlfvu4CxSWHJaQxfe0EGGo32fpWFDYBWq9lmFvP8LcW95Oh44SO9_uJkMjDWNLHDO48zuf0LyPCyG4klUQFcBmQerfiE1Vx-D21fFBX5ZtvO4QDkeZzvEDCzkP-SgXC3mfz7uJlIB2k2w3Q03k2pI03IKOKqkAFoBPgQis_KBRs3ZUAYHItzJgMTI_HBfBy7jVwpNh2HA-8IBTaQJn9U6MVtEk2w94tiafLYqqiSJMzzdQlNmaSM-YtRXD_WU%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 29f042d1345dc3f04bcca4098635ac350095f142d5742172f8e914f9e8ac9ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4160
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C2CB 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 245917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 74ms
22ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:29:33 GMT
content-encoding: gzip
age: 425235
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 22 Nov 2024 14:29:33 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 85ms
28ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 300296
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 82d2a89b195a3a4a-FRA
expires: Fri, 01 Dec 2023 12:36:48 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 145ms
71ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 Nov 2023 12:36:48 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 94ms
22ms Script
application/javascript 2600:9000:223c:ac00:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:ac00:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:30:08 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 401
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: _Qjs3PEmgO8ljYpX8Q2-LcjXs5XhRZDDIgPLiGql6aZepz4u9GZqow==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 79ms
20ms Script
text/javascript 2600:9000:2250:d200:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 28 Nov 2023 10:03:28 GMT
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 9201
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: vgoZQ64zj3I6oU_ESvBaWJ_oIRC2eHU-zRNX4kxU8b4WaZYJm3oypQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 86ms
35ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: MP5RZZWK6RM79EXM
age: 2245
etag: W/"d12fc51ceb66081fc72dabad6e4e0ded"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82d2a89b0dd730c6-FRA
x-amz-id-2: GqyrslHw5MjYdrFL4EIEkKlz99KkgvFiqZxMnlbINNigcqixCX3qa5LV4pln/apEh0o2bdz2fgVbTVmQ/Xvq+Q==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 80ms
24ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 17909
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: eTmgEbJ1fvRyXM6W57vyOjCn7reGfetlLwvVXlv4DTHAKjob1y3IKQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 85ms
36ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 7992195a88345570ab5c8fa4dbcb55c9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 69ms
28ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30450
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230066-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfuWlWh3qIYwJHA%2Bmdx6DLtEGyrveB2Hfhxb2nLGlsWnbmLFa%2BxeFvtRyELQ4GEZvvBOIgeDBGS6eeCaTJetqk5W0Ot0W74yRLBqAOSHy%2FwQNHt%2BlB5F202tV%2FNbtIokbvBH6ezZpRssEw10G0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82d2a89af8be1917-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 637ms
637ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2450216882897498&correlator=1269962589124301&eid=31079631%2C31078018%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=26001828%3A22373938685%2Cz1_dfp_ron_display_companion_b_pre&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C320x50%7C320x100%7C300x100&ifi=9&didk=1850812150&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D8c50cf0ada69104f%3AT%3D1701175007%3ART%3D1701175007%3AS%3DALNI_MYfvkaD5v0ovZNobeQlOX-uF5DTJg&gpic=UID%3D00000ce156e9d58c%3AT%3D1701175007%3ART%3D1701175007%3AS%3DALNI_Mbr5oVkEQMtJHStzlgXhOm1cZX2QQ&abxe=1&dt=1701175008426&adxs=1010&adys=438&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&vis=1&psz=360x0&msz=360x0&fws=4&ohw=1600&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=true&a3p=EhgKCXlhaG9vLmNvbRioubqvwTFIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBioubqvwTFIAFICCGQSGwoMMzNhY3Jvc3MuY29tGKi5uq_BMUgAUgIIZBIZCgpwdWJjaWQub3JnGKi5uq_BMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRioubqvwTFIAFICCGQSFwoIcnRiaG91c2UYqLm6r8ExSABSAghkEhQKBW9wZW54GKi5uq_BMUgAUgIIZBIZCgp1aWRhcGkuY29tGKi5uq_BMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YqLm6r8ExSABSAghk&dlt=1701175006868&idt=1540&prev_scp=site%3Dgaflaquiz.xyz&adks=4280173973&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f47c55ec7912b9c5d35e1c6a4e645f4177f5ebedeb742bcb30e41c9b007810a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11403
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E796 6 KB
3 KB 125ms
55ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:48 GMT
expires: Wed, 27 Nov 2024 12:36:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B222 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3644458542965&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B222 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3644458542965&version=m202309260101&ct=76&x=1&cor=5481335514928095000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B222 109 KB
41 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BprWlrFEHy_gbuYh-yQG7QwWqEUEHeeQNE1gLxbtzR-hHNBDjVYTiItl_mrVDcsGWfA0d53cn0uFI6wmviE_VTHJWvOg9Nw9BazhMlPpa1OPkQcZazlOqhhPwguhckE45bJQxi7SZFxRdFJkBC-C5LW_f9VjX7169so0QB033ivnkx7xY&dbm_d=AKAmf-Du-oOd1wOs2oJWZimZilm61p0_IaVM3CJKWvRSe14npcAOlFhSsXxI3_mVWDwuX1s2JfBL6jGvlg4hIR7T-7AbwgC1bXM92ct2y3ZlcbvrF2B5_TFxwKinf_K1jIzelY2PFgzSXCVO3uzNLkHSlTyG4GtpffTxmTmpujNleeXQlSknOJTOwTGB11m4a55-Ztu3Dq42zMR-zg4y-gwZqb2zwkyWNwrwfnY6PZ8dqEbaeC7awU9cqIOnnumuzgHM2ydSY-UpZsNdYWhQtpkcr_Dlfah4TqtPIj0nvgQI7Zqwt20XFnjnUBQ2mcbw0ondr_rDloBQRbg3yxjWKtX-ksCbkwpefrchFtYT8kcC8o7JMj1dVxcNHH2LMemaHT3xmJN189WnsMVjSoDW6MzVrXGwni1PWPix-Dn1lDug35VGP2BojJpRTawRQ8yJv4elskctzGdWckOerP6T9OQi4RUDu5k5J_86C2CkraRfz0aB5K7IHA0-vFewFYMxsAmTRibCEbeiipLcxpvcsAM-6paiFhLI53tb2NnwaTRoUlonVH-WJpDPjXblYdN1KecdUCcwifwQh0Qt1ruNuteL6ncZsRVjuTfn4qs5xYGJ1grx6oDMpR91nUCY4_zstXBancOicvgnQ0n2T_0c79WEkp93EQSicFxnfYbCEpy8YQrboZXQ3JrEnmPaxX2rdYLMWJQPGX_7RrE7p38DDUX7jc1nVUX8NeQ-6L-qfgq6qZqpZQ91kXaSsM3h9t_JpJ-UIIDnm_fq0HA2Ephm8ne3QqCBFVVAxPu2bgQBUw_lDziS0GU3d5h-S71MBTrycYM1ediSOxBiQwRBG6fSsqRe4ZTDxTymI7qjQvsHDIzsa3odxyOwR49GVxvTOisd0XYeAMnGGuW_NCUnl6ZWEfTz3T5nsW5Vy3CRi7dP0rdy1CYjrKQmR-_8_dipZMsQuhgMfTGt-xAxcHHPC4xktRjPgFIcCoqoVVqwZ5W0QPxdk6bxWhpJ_hgY4s7Pu5p82OfzVGTYfqEIaMsAPRn39R8sy_B4C81JmMp1aIAFvRigirYi21QY13sPBUdBvh7LP9YiSyp2_d5gdHMnZqFqLjnDKXVO-eu2B8GtoguEUneaZTPp-4-wxhxbrtJX-ip7kwbNnYP-AU4K8_Ooj8hoEdJHYcReNDqhncO7PInbJEGLWkjcZOOnd-deBQ5ZDsQ2EpFayv_g3E52f1xep9TsB4dJzZKcwFLyzOnItK7oUfEDHj2wWKhezAX0i1iKiZLCbYiIOE8i_J5rAfqmFvk5H9aocoVzs1WoiDQ2pTIpeB2m5AKnJSKNTt1lTdeSG2bTnux0Cqg7IM6XuB_72gM4C7AbKyAaqFoYTP5mUElIwX_X7e7Fu1cn1Vuygd5cso8jGY2M9wjxbUsHPn29Sp_nKMxtqIhVTZM0hGixlc07gF8Nj8HPwQlWJoR2M6bkOzZjc2nIGfOV1khnI9kBo98cHPUwp1lTCpInsgeparVurMumjvc9bsO7-ePhFZJVjYnLVkSgDlqRnWXlFW8P5iU4g0AmL4kvOQoSBlZWige3796aJno2KBoHfvYWoCbzODn9L9wG1vgT-uywFiC2aeq2wgDPC6GPfB4hfEokQ8jgcnivp_3lA_q07rWDIIwLiRHsbDd6T94LIoxZVqusVXng4owztF7r3fYFQQ9Elev75AsTaHJ1J1uyyxYIoU7nDmHeofQ3gfowUoGKXhMoofzQPUu6_WGzhUioMnJXxHqb7zdVFeqaHCfBJBSvnCFJu4SEe9fDvHF7Zhr6i9IX35O7KBLROeEh7OFx3NBWH76t__oU1I8JVcFHJfb41_83xIuYsfrNqLXqrdLU88DiVFZrjIBN8-wbUbocV4_kd7uVXOo0P2io-jFvaGvLhmg-_5VAmgdfnKqyK-EK1HwoKqvvKdcjlsY0GHXuinLN43CNQNIC_4RUpXlEzb1rcFeHA6tyRIb5uGw5LFP4PrdQ5iAQQQHib_hX89OwDiSZhq7nsL7EdmwVL9WeCRQdXU7-C7Gepe6r-fWTUrlx-kceR0DrTTg7FRSmlm3ZiVeVGIqj1atXOJv26oUGZEROQ0fdbJv6fzek03d19L9rOasgMcirK6kElKzlQDHdrNGpEOBuoxMx3DFulIiI0pgNTp0-NhXip4wVJNNF_K-ApPLp822M_waaJiCV_YGTILGR8uSNnpXRT61_4JSQzPZaFbDLGsq_LPikuRkdRJG7cQ_kO7CZCigrG7h4Xpdf24vdb3Dhtx06Se4yIdJ0hxEKeMVgNwVHgo8AMKxGhiDv60mrNychu-mkVEZEMWsrB9mQMG5HVWvyZQf3t9E6goWXctzS00GowE7mQ4VOBnDdGXt-r3tn1mW23SbE0iVzCVM8RzEcgJCrRqYusSes2vKPviymm91H-fDoMHLWbBnFZpHBJ4q6dmP_eqNzJzCrMNqGuTMkyiSLjTW-bH5H7pRQ9qaxfVfiBNvKgtzmOk8rqYP5RWgbqblwQP-WqrO7_nS4Fo0fr3fOUiJVQgyqvlKn64uDXrIG3H8dX55yU7pO-uFx3D7cihyNkPfaefcDvxj7VNWQDFWJtNlvVj24bQmXjAhjn_TnfSCggsrCV9T5cyilclt3C_AF2PhCg3LAfPSDBNV-2hjr5sfBbCmcbjnUBrWUX8XmBiSGtELvmx6J1xA0qsZYAfQUhHBk03O8oQbLdxImBN3YGfZnx0hPAfNR1gkk4lO8-j4LfCRxbDVYFgsTPPhsuYj9NNry2xlN7mFsm7_Rgbq5dSDhGrXogT8c4sPflRLM21JJlC7uKDzx1n7_iE_uxY-rYUEIoFZmokB-ukq3ruTK7gWNJQTDBC3SGj2c1gQW5_dAsJvuWAtij9GHp-DeKh_P80ndua6tq5bco5M5R3XJKk2ttIHI1PNrRErd2eqbwB8rNepByGKY77DjnoavT2iGNgVtKQJWCguGNkUVcQ2NmQT-0OGA1nqL0uQQkMnI7X1QTP7oNMDcPvBlXFaDTe-6hYEzAUq4kv0sVvmE4v_IaF3zHZiVdr8yZW3CYeuhHbR445xVot12j7opMEpSSCf6G00UX3BxIJhgQeBUqoPqRupbbZwO5LKESjOb2Ph9-3ustgmhYW1Ugqsp3xyP57lTNje3-5u0MnmARML2LLl3pSKsElMzT6vPuZRBThgJOkw7y1U2dNIOVJRdtq0l6-DQYZaC5l9Mbfd4kVFsbaUYukRebeueEgUcfJuugxvzWl_usrba60iqcscb-u2oaQE2MV97_v5mryuSNr5RYuelO5ikfbuM8bN7hUnt-lCUw3pe8MoRkgYO7uv_qJh8J6KKmX8dgBh8HVeXHtaJCsMBVVbigYxYuhPDcXJBIoDotnufCAIvhxDtEiZPxHIJXSTvj12WbV5INaNYhQErF5hSJTo3ulrPHXrE8kvQYFnM8LiEapJWbUCXKTSKYGR54D5JpoCKYxRsPbdjF0xK5qRIcNF4Qnc_EVgqC9H4HNMXbhQeKOVgCpX-B_FbxsIANNE5M-TDL3cnsQiqYYQ9Zalu4YdterEIinUzSb27B1HlhLRo8obur9cdQqNjXOI8QGStzlZwXI2wAVJbuQt5QRfdGMMXNFD2iLd_rqg0spsypN53VmgSlEgGoIBiCDHM7gIaagAoR3-Nx0nul53PjSQFbod5JyJQvn4&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=5481335514928095000&adk=1877897943&idt=172&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb253ae288b6ced99c1996343154a62c9487bd3532bde5d1bbcacf7a12244fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41944
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 61D9 38 KB
13 KB 20ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 245917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C2CB 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBBD 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7472349828017&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBBD 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7472349828017&version=m202309260101&ct=76&x=1&cor=15279612539341615000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DBBD 16 KB
12 KB 212ms
211ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-YKbAYyEm326vjEtuSbyM_JJmjIV9xKKcD_EeGx7pJcKoUR9bl9ZKpDNN5PP7LUWBQBINnPI7lk8aBZmj8xuoGy4Gb-1se_aoUWMbxRXln54Fe10fN94p1UB1G8uHxFqnNZacwEs1W92BXcKL_Ac2FWHwn9CTFlEejM_M6t2ApZa21uA&cry=1&dbm_d=AKAmf-A63ymKOBjMTSaxNQx_bQa9Bm6-vfOnQzTVJH6u2zGo1qSGMopmdwhkfItOYTO92--Ia9UJYjniZWt2Vl3-A055xJBaiXy35v7avuA1gCWKh_silelFjsWYXk0rm9KGYb0IZAf7Z5cLNFrs_nvpoKJPYXcf2TFgmup0XM1ZxrgtAFdNSnRyytTPiAsb0JVR6V5VkyVsoRb5XjuObxb5cc_erRg9IS8eCMroJmLVmjiw1Pz7sJBB-G2GBrYcQwOBDMsJHR04sFoJf_0exm1N2Ythbxy4F9yPCAS25GAZflgByJeDHzVLJZ__JoSmAmL3ESJurVvjAdNJSGwPafx1ZEAGO2749aWDIXyNqmJJ6eYFGHD8LAzkeMKJ0AR5rTnlAKQOGGi6uM-m_uhCIHkhwNDWg0im_4DP3cxiJpF1WXDae2RSCJxj8Xi0MUCeMFUzDv1iRNy6mLDGzFoz9kzNLGiWC-0KpOctvhILx1lZDUMJQWned871nWaZrP4_sjo6sXXZguI9QARQ9vEDrHOpYNxFRxcLCPDbTYEd9EqUOdN4xPwv3RXFqPQN8Teg3BjRaWpIF95xyoiMV82SioZ4ILdUShJl5a7eqQOs7W6DUoQdWOO0KRI_G9IiDDlKDPN9dr-2W_lw9HBLMCvBEngCAA9_xUMwYsDGa6QJpgk1gQO-B7pKx0CChq0E-CyYCvUp57RGwYRXBs3gv5ybzTtwg2Bbm28ZIpaS7dKWfbk6G5cfgkehX9526dgVqjFVbEQA-RRcoRveD2ieaSDmZgCoBFHXitJ3_GMTxM3Mhjqi2quaxcCgsA6xlYiXYxSUZD00X6uSyNnbfkR8ROIPWaBIB0wgFd8dzRFJYPEYC0UPAGvE5EAzjyb7PqUwYsiZdgsQXheai6N5UURyhmv6qnZM-rYz40Whk7hum-iVrybAyNjjExD6Jn3RZap8ef10yHJuIMAnCAZlHN4yLEfgf2btFm2MrEPZ_kazwapq-GUDfZf_gcYlslUbqjtTUJn3nFiohO_HiE3OkCOgGF8UYvq3LT2zpR_tFZiJWBfd5QTbqHFMydBzufvAOI6BKhSDOQ8shvquOfI-WaODvY7jniG9YWiTxwyrWIP47hnErLGsfasPCxhYiNQpZu5ubnYnkNOrRj2mAB_e5ByP-gvRGAABEcBbZ2rRYaZzsCUc54dkP5D8nd1t9M-pMrSa7-y_UA6QBLZ_2GA7QIv6QTn8NHF09AzaFU2bDBhxa4nUegZYFdnNmerD0qTDpMXmMB3f5-6wEUN8yvWF_cQDyCgtI_PsMa1FWdnwEGsA5OKROzyse-kAJFwcR0SebXTa-vmXUyw_CbNK2BJ4EA_eWD_GuPTgao4aC2Ssk8waxQJo9V3-UN7Ntjoz6feEAMcIrLFWw3YtsvxvU4w1Jyvf8Oo1NnpcIYSjc2f1HL2RyURvdukwCnZy5eDWV9aXhwgttY4zy8gW3PNfaUhRe4mrO1pUtctFz6jSbBE6IfM8XXEgf5lJfistVFbK8hzeEHlwQmNUzrkHelBBfmCxrhwL_2u8lwJDHaUe55Wtad_gzmzb9GDBzEnRSF3bhHuQTdnLVk7UqtNGRCnoYSnmFvNplBPJTXtODPqwyHCSPWtB3bjmrpteAED7O9NNPbqBdLn06a-Jr-f7lGIG58ER_-d0Ua6wNu-r3GT04ozMCgqTRtMTHtJHnDb3BNqFs34TYGjS6Rf-xu9gADvcPSWsnGJyJ3YV8UQryqSnmnQO-ibXu34lZr1nkhcIKeSJVFIAZmnX3DDf2FVPOq5_mMsQeg3B1ffnU-OlTqjjvaxlHWC_QLul3Jd8Y9TFrI0pY8ETn6XUsn0p_DbATyA64e2dEIKpaQt0EXBJdSXdS2hdTILodQf4hEXv7Y-Ey7ZmeNcf2j-eZzW3FzpmhOmAVoZUD_g9XsPkatuOOPnEbPqlcPQsIYAvP1PYsLCgtrBOvaxQuckUO6rWrvWoR5Km3iiDRoeBT1S30o5kg5pM8HkWbeXFXFCuNjHBWLS-jlj5bU9v343HXYg-yk6RkN9wnsbQOsBj_wECkRmOTRh5dZ-WM2xdIS7gORiyidZCcumE8unorb3HpKdDhPDQsPF4Oie4kK-PIa9Dnt-LIjkx2peAOOevcZ0YAz-e7zAm5mkX-UEGP9YRlodUP_0J2IdNk1WSL9K_r31AhoMOz4DySTWZGeYzPyKtYR-Nf4113miXzAsEffP0QFeJ5ssDlJqKpynGI69Y5yUpyvrm5CSnrQaBgrDFFUt5uXZgH3SHVyN-w_nGrDBRE_5DOwSN3yQhi-ebCiom3hphQcbMHm4P9BbNjC0KaSQv_2xdR_KIQz7L5BSnV8mN0AWi0rHBzI1goDLZN69EQY_WsXWvScghNgpqeo_rm3xvpchMtcEMDmnGNBuPDSJIMPvbdRxNiqNAUQxkcteiSc6PocmrpFlWOfIZINy0tFR_g068vgon7Gu4a8xPKP2X2bgh6oopNEkRtO7MSeYFdTigwB9zAvgbnMzbBARhkHCPx6fzxXWousfUOMycIT4B_YQN8XaiAA91H9EIRy7HcnN7zOmpJpNwH1DfY5Xq8OOf6bStpTMqZQPaLeQuD7qe0pTS0_pT1w7q94gOCSVaX1i_yWyNrzCJBNDP_LHtlfjUeaokkPAIyz1FN4w60WNPUkuKLqDPQTJw5OQXVjOB3tXEqazsyrT7w8nSL6WLqLlte91t-JZvzzo5ryRX05_yqbC4-8hiD0SiBMyEkHVdAtZxrCCTkKM7-gYcve7nnXwLlZUmOBVBfLPkvNuW4mrXqsaRCAlcD7z_RJgsgj4kyeKt7qXYQV3tP70kvZp1MRH2r31ZBLQKMdIVTOaGsYfrDbyEBRcd5ykhyY87uHVkV3QzQXLhGi8txCkvIJyXV8N8uTDz9NVi32LJMuBKJL2uhNDv7wa0s8zHJ-42qd5ppp9LHaSOuWSMVGLMLnBdAUfOzMKMMIL2sRJdRxff8YaoPViRSjIGDAUPGryHj1ljk1j7YqKy4zSSs3k_5g&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=15279612539341615000&adk=2085914665&idt=182&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1746d0f39d62722e598c64f983e1e1c3957253e80e2f15cb3a198093dbb0ecd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12449
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC18 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5811723281551&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC18 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5811723281551&version=m202309260101&ct=76&x=1&cor=8484764451639637000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EC18 109 KB
41 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF4qOM1bpYjd0b7EO9HyKiYm2IP5pLi8Pc7gvwqwXNKRTiOawcr3U0MbV6fjy-IMgHhi5trMdBKybi93C6E8SM_YiOyYnZHbNaYH66tigmOOzQ1zgZW_X3iTfzMbEufIOq65PDnJvOgAzbGU31adbp3W4RVkFpyM_5Dsxzwvv4slT7L-M&dbm_d=AKAmf-BI8pabaOcg0gqpkFk72jIAHIUCk0oLbXTkLJZwpvE1JHjMGc4YtDEOp-CFaK6zktqrS6tGpzgEqb5HjGHCvZ7eXd1818E-uvwkliEiKyZB7PsiNgZgt8jGdkkLf14zuOLXAJvupG7T-BI1DObcHumluupVI-gx1bJ9JaD_fKDWcPuPBVw0vDpLb1tDCqCk50nOssFeQInSN19zVnOHcnVAdWmuEYdDjk5tJyqOYUVaUuQSAtLyt8gOLjO5BZo_7oTO3UHBlhJ45LnX_Y8soeFHELlStAT2B9DHepojEWcbr2sxt3VrQ7UfLgYzyDQoTwzCkEepoRA9dCVuyih0SUcV1uDkmGI9QBIPD5_atMHMPpka3oGjfpmvsRLgbEY1XZYhIBkf6xl5bQL9FNcNYS5NEQo44lWrCTait2U9pb0FPzzBk5OjdCoWxLzM5K85SSZL8XJCBDT1EfRjLo9eoGDucTCCjaL3qP01Gjt6UsYvCesOj1AbLKGe36kEMrfUxY8i1fAWg2BcZik2jOgMnrz9v9mKyJgas1USZIVXMCP2l2owGPYW_xLVKHMLusI52k8lhuF1Ph3hRbb20O_1Q8OK8Rsv7KuCraE1knC2NrpAm2yAKbii2iEWvGo3CxrE-xsoU5UFl3NXljgMbOBzFe44FCl2TP2-Yi2An_Fafrj22E2VXcFUgSm0-Cd9xBZaNi5UUMkobU1qQjZTKCWdtW2oLEvPQVqjNjex7MzYQYEPCiBwgL-RD5CL35pn_hWCsZ9fhYzLYMfar2YgZ2XRHf0HKn_Az72HBA5376lxmzJd3toO-6sMhR2j8gTTYUwVZAnGnTmZ32fYAroznZChZALpFwf7eOEP0kqjCm_6gXG_yS4KC-43hXMKiGJrKKTHUNq6lslKYY0a7YZOuTfyswqbRZ3ZgYNZ7kQPvr8dIDngspcreEUNG6T3fFwj8ZR1pDE2vJbcLd_TO1lRbucj9Y0SschkgxDxnFji1fILNXjMQnyFCZni8a96-YTx2QKrohsW6laNPJcbpnc3wLsbayHtw-hOPmhfAm-A4rk-Ce9w3of2ZouaC-Q6JCvoYsGjQ6SKYTGzlblKHg5l5OcPMTOXlqLxQ-NSr5g9wGtNM1o1KaQkUEMXBa1emKgBEwx82anUbygLszPtenz0YbwdcB5M8StqYuwTmNpkFdalcLrsGaQsYjyejdHI4MozTW6M5IcjQ-iMyexA-TbGVwG4VwLPBJCXlHuA1lPTNl3f04WPa0qTIo4rlW2I0vi8_qXo_KV-IdP4seJFtGGyalDFuBfLtuz8H6wpIC59XvtBkTH3DRXV9hSNb29qTVtlX8kDGpj-3TOFcoBsqr61EUVitqq7OSbpoUgUJCeRzr0Nau5MxcgwvAesYSDeUiTvG4iiS1yfhbzBGT8Q4JHsLtZoG9hjdI01MzLK1ibNx0Spb4x9L_jXJWoox4M3__T2H5Nv1RE7TBWGtjSHo-viK0mDwKj83bke2OkBuVFYVcTt6YFmWm3HjyE0DkSPKY51vfHFJj4Fa7EFSYigfbIu_dTbSLt68Wk594vofccgO78kYeYNAMIhLwubwkg3K84RRtce0NIOylVKL114XwCtjrfut9opLLzLGL6_Sr7YiEd50V6DImmi370yxu7V9Yxw-Lq-GUMCt07SwehFZ2hZMr6pxCT2Pg68825chYlM3gCs_SnzTiLUYSdTbh-Pg6EkDhelbGVJ9pTX6IJ-0cE0J0SGtK5yGecsI1CJE7GY7cTLkgCI6s_-RU-xmnEm0y5PGFURZoJMiuLXAe_nneJB6-uNWeOEfzwIrrI-nZU17tzY__rAXXFPmRPSOEFFKFF3sMTfewp1sdD__8PGWIuVvhGW4zCnonqgjz9YaPQXGyg_RTE_u1VVxJLl3palg6l0iNYoLKRXyYWYMDHw-nMoASrKDHpI0O2F8BcEyDGyz5mQgcFJsaipBEb45ZcLP7Eh1TPjJeQ6nbUe0Ci52gXFNoPyzXQnmUPdwOwmi5dMKX5h0J0bijHaPLXl5-KqnWF8NVWx5tRb6k5lyE6pnD-RM9LvxHk7_Qpx-KX5KL9g2_OFYS9SLa79NLG-aFuhwuP4pC67dacWzi9Xg2Sa-Am0StTJVnRKVR1ws-Z-0gG19zWebKaKssh29aoHRC5vQt38Ci6DOJggBqMrvSO9MFDME-T5TxQc12gwxA9TbF72diHEDKRq0BjwGdvWkmAzpc_Qt9BFFm_SMK2KE8KgjFjwkey_42sJAwVGzdBW5BSPXBBnABpLst4H_HhvcLThAzJWxKCr2wehiirJTDqzFrFzm5jw7liFVt4qvOR3Vcvp75pD3ZSCh4bsx1k_QnEFhcUDYQ7Lzinou0DmJxqwdDJADyoC02shjCoSJNDPporA7opnyJeHfU6AyT_z5d3APTkiiM-HsQzLnG4Tb26DY3k0rXWUwZKj4Zc9R3Bp6bhii40DkCKtHsSGeljIiEbycDKfrNpET8c9F0v_xfS8IDCmbMJqmUD93GNS-tE60ig3wcZyZnYja-DywZpkAi311PaWc1Ne-k7jLB1QTKPqX2aP1NZX79ayxI5ZaHTOCKFpP2l8YOpgHOxURT3OvXFX0goxRt6mH5SFgI_IRNufEAmi-aH5yB46cKvBSIzOnno-gdl2ORLDFvZIc6NONXlqxMllXqFfHGrYQivDXjU3VuvwmaR8BEexVIWALdCm2HRDuSYw5PchGjAs-1f3Ft4HurS51YlF9oi6tojOZIu42jXigvSJp7eemwiyCAhXKsNESwA1vkaJ4d6vuYmi-DgToF1so7l0sIhXsxpIfLLK8Yz2ktZLtZq6X5cXo71IcNHv9L6_OwueSgQJXu_QR_2ThuHeqL9MwZM5wZqpGlx8sbjUw9U34hse1l8SJRlKcuvA2UF2rapQyUJLsCHZoKJVl5743xzyue2RcAnu0G-JJrpexMiIYsrzXjLTMOD2ZnfDChAJtK1uwTWATyrEt6OgMAJjxCGMBd_go0FjnflcWaxDIm_2MwYXTVvsDX2-g7MEHDIXtuvGIJVobnXEbNjy0BLRtpiH2KwXloHPz-AfOsFJoKq1Qcn84mTprgzcdEcU1mhhTBRlIFR6xXCLZWTzYB3SqbOVAcMUhpEhaIBynmUurc3gByl_RbA3Z6b4VmhaYobo_knpYWY-bEBCn4RqoOo1wbvw-JtIrfQ5e4ivK3o8xqmICSdFLZNFzBHh-oLE7hh4gVMLy91STZRTSuCeXIIVLZPyjxAf-XKpxLWPtGnZS-QsLHQaafKkRYxO7441lnkzxB5aYro3iIxGGmDmt_lxyhLeLaIv_U1e6vc32ZYOjuLJ1W-cQSRTotfJYTkjciY_GFXXcyLguDTcFjCnZnvAPlexZZZHXWMUyOJh3xG_yF6H-eDEBF1JvgnDO0EDphGRiUH2NfswhioQNQ4kvrJaEUqLubsef3EPwKqM_kT8EaezIbXBwHUTmPr1nIMEQiwQUgcDS4StCKGnUFEhvXgXfRc4_CQ7fa2MLT7SWORW42-hbaBl-yxXgkQLmaqV5swk4Bbk5HX64oBpGS2VyrT2aBSVK7iOwojZ4gm47ODd8UoDF1d7yR4OQqU1Mnp6fZM2MZh3Xh_HoNlVKGc4Tta9ZPZTKNXgGXpKlgF10qFSS7YvIOrraVGjbvCRBTPYDHoxKSATXouCn6w&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=8484764451639637000&adk=929882891&idt=212&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e91c75e5bc4d41136139358f680cadb41cd8bacdafd607abff249e72bb9d7c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42201
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal90008.redintelligence.net/ Frame 2796
Redirect Chain

https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

183ms
130ms

Script
application/x-javascript

138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6nBf395lZazHH8Cg998Ph5K-4AWm5b2gaYWVnKfJD_AuEAEgzf-HfGCVuqaCsAfIAQmpAgO3WWv6X7I-qAMByAObBKoE7AFP0ExO4ep_ejo3CNgmlxlt0jPFrozQw_9d8x3Jl7MmoIZneqS8_MpEu-bo4KgvmVidlbfabaf2jo6p77_sPD5xUOtAUpzrhvpsiB1djOGMgNy_Cz6H9gDaEb9njOUmdgMLMm2K41w6b822ORyT2_YJb84IWfnqxcktMQHljPgTcDTre8xF9L5LT3v9K9l3igydIr2n2wz5qyG54LNp1YaUs5nBBWPdXLL5l1L3jDo9utnT4Rbv3X7Dib-0t9A37rtaqdj1lVzniCRtJvvOx369EHJ4QJX1gpN1mWU4uiNmeZlEeb5eVH6awcF9KcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB%26sig%3DAOD64_24fUfVLbd7fF5gD1oHtqAYs_MNpA%26client%3Dca-pub-2462751652998210%26dbm_c%3DAKAmf-BxAiQs7zW-uW0agVvsgVJElD2gM07K3SLHODsjko4wycpOJoOSzAPiPaeh8u6JwgU4mgpl9gb4ibvrynHgCuwpPrYwo_vrcgvmsuzvR3kT0aDNkEzzc-LFe2wCsCUllEt1aVoikxIpvnx2if-Pd9Q4H2R4duHWdsWVvHYtb7_1qWxourY%26cry%3D1%26dbm_d%3DAKAmf-DGsPUCpKGZqG5b-GlsVXi4nudm4ibIJKXcg3KCptgQ5hcPHb12BlK-De3kqloylHqxIP3-8RtUECZk2V1rX05hVaCedo1xu0U3ex-DboypxtqTo4xYZD4BVRc6uULMfyFYf7fepDIZhkyHyf0JY3qQmUaWPKCUukjnUV0xLiJH1J1GR05GtIVbXn1Tc1VRpMLWTQ7xEhK61GeXXXacDNXoTUCLkY8C9ORxAsxzfMPJlE-W4Z6RE8FIZxxxwewswjh50lHyrBMmvClguV9lAMaN2dNiZ4rZN_lIOyCRjWfBPqXpm04ZC3Hlfvu4CxSWHJaQxfe0EGGo32fpWFDYBWq9lmFvP8LcW95Oh44SO9_uJkMjDWNLHDO48zuf0LyPCyG4klUQFcBmQerfiE1Vx-D21fFBX5ZtvO4QDkeZzvEDCzkP-SgXC3mfz7uJlIB2k2w3Q03k2pI03IKOKqkAFoBPgQis_KBRs3ZUAYHItzJgMTI_HBfBy7jVwpNh2HA-8IBTaQJn9U6MVtEk2w94tiafLYqqiSJMzzdQlNmaSM-YtRXD_WU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ancestorOrigins=https%3A%2F%2Fwww.gaflaquiz.xyz&random=8772794025753&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Protocol: HTTP/1.1
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9ef61f64c59ab09b4c42ae1c91674f17f25f93ad2876c6a64bffc5883216c63a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 12:36:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 97448700089785004444550012522008
Connection: close
Content-Length: 1350
Expires: Tue, 28 Nov 2023 12:36:48 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 12:36:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6nBf395lZazHH8Cg998Ph5K-4AWm5b2gaYWVnKfJD_AuEAEgzf-HfGCVuqaCsAfIAQmpAgO3WWv6X7I-qAMByAObBKoE7AFP0ExO4ep_ejo3CNgmlxlt0jPFrozQw_9d8x3Jl7MmoIZneqS8_MpEu-bo4KgvmVidlbfabaf2jo6p77_sPD5xUOtAUpzrhvpsiB1djOGMgNy_Cz6H9gDaEb9njOUmdgMLMm2K41w6b822ORyT2_YJb84IWfnqxcktMQHljPgTcDTre8xF9L5LT3v9K9l3igydIr2n2wz5qyG54LNp1YaUs5nBBWPdXLL5l1L3jDo9utnT4Rbv3X7Dib-0t9A37rtaqdj1lVzniCRtJvvOx369EHJ4QJX1gpN1mWU4uiNmeZlEeb5eVH6awcF9KcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB%26sig%3DAOD64_24fUfVLbd7fF5gD1oHtqAYs_MNpA%26client%3Dca-pub-2462751652998210%26dbm_c%3DAKAmf-BxAiQs7zW-uW0agVvsgVJElD2gM07K3SLHODsjko4wycpOJoOSzAPiPaeh8u6JwgU4mgpl9gb4ibvrynHgCuwpPrYwo_vrcgvmsuzvR3kT0aDNkEzzc-LFe2wCsCUllEt1aVoikxIpvnx2if-Pd9Q4H2R4duHWdsWVvHYtb7_1qWxourY%26cry%3D1%26dbm_d%3DAKAmf-DGsPUCpKGZqG5b-GlsVXi4nudm4ibIJKXcg3KCptgQ5hcPHb12BlK-De3kqloylHqxIP3-8RtUECZk2V1rX05hVaCedo1xu0U3ex-DboypxtqTo4xYZD4BVRc6uULMfyFYf7fepDIZhkyHyf0JY3qQmUaWPKCUukjnUV0xLiJH1J1GR05GtIVbXn1Tc1VRpMLWTQ7xEhK61GeXXXacDNXoTUCLkY8C9ORxAsxzfMPJlE-W4Z6RE8FIZxxxwewswjh50lHyrBMmvClguV9lAMaN2dNiZ4rZN_lIOyCRjWfBPqXpm04ZC3Hlfvu4CxSWHJaQxfe0EGGo32fpWFDYBWq9lmFvP8LcW95Oh44SO9_uJkMjDWNLHDO48zuf0LyPCyG4klUQFcBmQerfiE1Vx-D21fFBX5ZtvO4QDkeZzvEDCzkP-SgXC3mfz7uJlIB2k2w3Q03k2pI03IKOKqkAFoBPgQis_KBRs3ZUAYHItzJgMTI_HBfBy7jVwpNh2HA-8IBTaQJn9U6MVtEk2w94tiafLYqqiSJMzzdQlNmaSM-YtRXD_WU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ancestorOrigins=https%3A%2F%2Fwww.gaflaquiz.xyz&random=8772794025753&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 28 Nov 2023 12:36:48 +0100

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame D389 38 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 07:37:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 07:37:31 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FE2C 111 KB
39 KB 80ms
20ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame FE2C 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DTJfZuu1nVZBC2aprBXKb-3ZFSdulTYrftp9jmGGQRUl1up5gR7GaFi9872j6ZNbAx92aWkPUe--Wk9NPGhHwpu5CyrxoPwy2W1khgTr3U_0Wr2H7Qlcrlr6_m98797kXjUpPvFVJvm3ZAxwO59GE-qxG_XuWugqAdvmskBYOsrrgsoRYS-RQAoCZ_4LkOtTZwUYJC8WH-z4oal2al94F2LCeqAmkPBQ9kET9LMDCrHdR7xnyzp-0-PXyB7AMq7xGxzhES8nQwTdTCiVaqxsKrc8znqKUgVo_wW-ymAE871NOuy_ybWh_xvancMr1yJyhNydSicuYRKStr1fqaZ72tSRq--iT5HSVWt5ewW784HJjFfw2N86u9mSTvFHAc7TlyUvG3lZoDj2fzSLgn6holYWzOfA0r8Ew2i0ic7babhGNQFhLDB8xWbz_q15yh5IOIKhXJWAGI2eRwfh5aU7jgBPvLoB1QWUtIHBwHY8GSqy4fKRyxGYzgcFFnaXHMPzyJ5M7LG61tbzW-Hj3tFiUi3Q-Y7pLbG5uySgkcJYDCSfHfi7fNbskceSI1BoKclHySTtXlxAJwk9YOHOIHt9zSgDpvnykK_Rgus0nEC0ZgUQ2gqwDxqKRmtwqEYDPTtpbBYHL2t4-n-CE2wgtmK9mjA-Ih0Bhvamyo0D0lSYWgGVWw8UQkN3N0hHlHPgDUa8AKRsBw4YRH_FBZQc6Lswn8zFXKvuHN9KLUXtWhigjVNJFWVnSH7bLYwWd09i7cYmuKb7Km_jWZpSo_zHX1oZrDe7WGS4w4PWrZbpzCK9f0BJAvfYgYw5KbWWYn_tV0W4io8w_pV7THtiKKi_f6-EmX5nrd33HYK42fCcUmG6gTNAiJFFUBQnuPXWriOZMpYztEJMtbDkL1dMjYvutZ0s3cOrkItninwyd498ZHYe3N8Ea9QgkzkCLQPJl9bruotV1D2sF2NM-WWUXV_8BA4QrFzCno49xAGT-_4Wm98zumnlq_kKe9MJm35dFPGsFOtywHkMiUwxf4p0AHPJJNPpAji8GPjafL9_1fhvulqUPHj0_eGqd-PYU1_JbnGgVZO_fbG4D87cAoiVxMmoSb9IMtsQxF93P9gi1RBgA6c_lLNC13b6JDmrjjLKuyWhy-SuKpfvdqhUHe8gbkxZ_kjnCzqu-6Mo4atHv2a72J3d0PbdlDK1ArPWlqk5L4O-cQjAsRr1eDFKrZAtUf3SjBx-EWb40N2Ni410U3ZWJNIixSv6EoI3A5qfLabuf0QXQ_iPv6r2OuRGWMMp92KOwveJ9R8hyZCdWZFmqKzQR_nGKHbhB7u5ywqokrU8t9w1K9VXsn15KsaZnBzohO4-Pk76_SP8Qh1vmSqoXcspYz6YDQ-lnEL1cF6u2h7v7hRzddpRyEXtZGKFCTDKraA6z9bJTJn2DEjgXYWCvIpioiaW6A-xjDYPCpghJhp3d1hhjjfi3Sjm1c1xA3Wmrj35LYyC9vWzBpBuG9VVgBPai-G95LZIBp2NnayY3wen7k1qguXkciDnDI3vGuUZfw7o6Y8aReP973duUzd0zyqRTv7gl4beOppS6mKubk_aERQVEC9Sol1HrxCVa6t4mki1765xQF2z9CEqBPg4iqWoKpPWrJbakNpNoodZsfM_cguglWas8KK9zHWxKQNO-25WJ6SwTRcO3SEQV-BPHnS3wFAZru0R7e1S3GtzK1SvpvjmcZ29nrs7h0dBYA8h7Ryx2IUXqgPG1DfNVG_UK64NL_9KStoHB_HJs9EhsgxpHoYBN-_Z6V8kTqmy3frs-AJ5c7qMXCNG6iK4TdDoG0CosoE_h9W9kEwyo_vHfP6cW9y7ymX6AIA0MRb8oeEr-_miPU24cJktnsk1-mi4Fo6fXxQ_ir1XPOwglQR7SqR2yEzBPVyVqA5aQ5Vr6Q4_Bz-rHkgKW1hPD3TfZ0OiY0u9i8ilAOsc-ZzEHqDMClUvJjEjVk-LRuh4wjz5VHB9rGqDUExSJIjTsqnJOLrH6rTQF6sYPuyVWs_UxvnKKXVNr5qQ20C1--_FRBPs5lmnkNQoLvR5yBfDa1JlxkECo2YtD98rsMSeC3Lo4_xSxXtiEZyWjNFeSxmf4P2zLtK-pAlaGoMaxJbCwoKLb6J16AOnl-VvJ4H_o7_rf5l8iqvkPgcNzUv0YUxxbkv4wLO7MI41U3juLQAAydWByt6o4GldOD7tCTmixhYwfsvArM1_vwL0PQj0-wgXM42X1HbdaSI5q5cLLA0NiAibR0JGxSGuHZ_Fv3O1OLTHmF4IPoWFDSMMURi55fiz-992DYFrhbz85x1RMN2eHUjIQUWSYZm6mUMvQSLnwSbG3WJzeHzm_B7MEQiC5MpB1XVbwgmhBSlP5Q6Np_hGt7QcuLh_T-zRhaj3EsfFMYgguOhdNtGt9dAvkWQ5LtbIQtJ77z816mGc4mqsGSUVtwy2CtHL54HkiMJNxADU_bmLn066-91LBRStuDTr6wOb5QdAmI3A9fkIG76n6t_QyRy7K04mKgLdNZB7_XBFfHc-ZRWiCEEnDFKIUvG1Df0S00A2YPm26MXJ0OnEWgnX3pXvV6PPMrLIsXrPUUmj2YCsH6cO47lqO6FVblNAX4aDCb4QBqebI3hBCqfe1fRwXlii_9fbHJ9JtjsF3QGGcUtGs1optSMtqxSdSZQR6kO9wYUJM7m4Qy6bTZPHtDPL3F-1YVA0BaK-N4PADyDCE1rNbomQ5oNpyE41N0Jab_hvyPPDd-MPr4gwDcOgzXI2WrpcN3gB1CnEMWzgFQ4J-l7wYrBBSl2GR7Bx83C7R0XIWROsAT1SyXzd7RYQUp8OGXUcbCX5oYzumeOzVTl8K7iHMDmJjcnZRY2ktsaMkpp0ZADMYUMEZNLmnfEFCbXin-MJM8XOKjqcAuDCIYJ8BGDLF9fSLLXiGt2MOSpj9iC-1FGpvoTAptWssdlxb-JHcG4AQZ9JoaUC9SK_c1YqMOZ4bPEE2KzHyEadlkiAj7tB6lvkynh_6nL8kePYs9MBV6cxhA7dWFMpueKkn17mxOutNbDykMlkcvVCVChyIqq-VgXI5mYbiiUgNahTpdnp_1MnkhTmFnAqxl2ekszBZPUA0WDND5KjhpcTIlkdQMN_YRMlOvZgYu3gt6wAayEgOShdVK0OIvnbjHckghu7FtXrQVTxvEeTzSH7ODg06fnIBRrUzGYGfEKEF0O2rvyOGawdMumuYVvNtkal8-Tc5Aa8LKyoy9GH29n7vZsDpxL-0BiX5JSMjicOE4ldCJoY3J0LX_n72skQb8Z9ZRxHKHykzUseQXWp2t97tNUUN5Y5dq0CXYViEhK2SyDWDknQigNZfdViBCqMz4zgu-5BtyMjbQqzCmIW623IIRdaqsMv7DaYlmqlBUSmoja_k2HCdZEhL7t9liCzRtGm3Rp30NvaTgQFKfajVzEVCzPs4lLsbNJpLrFmU6kHwlW6BRIeij66kWoiD4Yx3j04eekvo0wlCxFSIS9NMZf90-mhVjuJbvGeEnNz7j-5E-VpM0VxceoZtRH5CiTRsZfJ8dUvVlisVRKQBLLvR5YfoOEk3050zaCs6NGgenRKMh4wEF6wM5AXaO23K47pCPHHC138tGu_mxAm2w5dLlu-LMusEkYnWaz8AzGc7y9hZuoqKLMWWP9m9ADR6cO6HYCaiBckG1rB8UCqPOX4d185UX4T_HNP3hFrXIMxDOwurX6GLQCSWqS8cUjmfFUNk2gQUHQRpVCAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20118583893&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g7PQ8r_W1GGJQIOqhpKqR2&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2462751652998210%26output%3Dhtml%26h%3D280%26slotname%3D7647785186%26adk%3D3458766646%26adf%3D734745017%26pi%3Dt.ma~as.7647785186%26w%3D360%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701175007%26rafmt%3D1%26format%3D360x280%26url%3Dhttps%253A%252F%252Fwww.gaflaquiz.xyz%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701175007200%26bpp%3D1%26bdt%3D333%26idt%3D198%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C750x280%26correlator%3D8115316249199%26frm%3D20%26pv%3D1%26ga_vid%3D344698243.1701175007%26ga_sid%3D1701175007%26ga_hid%3D2132356980%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1010%26ady%3D118%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C42531706%252C42532524%252C44809315%252C31078301%252C44807764%252C44808149%252C44808284%252C44809054%26oid%3D2%26pvsid%3D2450216882897498%26tmod%3D708313881%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D200&adsafe_type=d&adsafe_jsinfo=,id:c8985277-ad2d-bbc1-e794-f48fee1f98d1,c:vgJBz6,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-kvnrs,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C1811%7C1911%7C1a1,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:15,oid:cc0b729a-8dea-11ee-bb56-56c29d3db588,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame FE2C 31 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 04:49:49 GMT

GET
DATA 200
OK truncated
/ Frame FE2C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f57eeeff70e24baf0bc00634fcf662f5bcd2e19a891b5226dcbda0084304411e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&rid=esp&cc=1

85 B
203 B

131ms
131ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&rid=esp&cc=1
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 32b99b7648cc880c2c70ea717245a86a853eabd2f305af8db1027535677b9c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-EpKhvVTPgccSDBVcpl3oPXPnhyE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gaflaquiz.xyz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.gaflaquiz.xyz
location: /esp?url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 61D9 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
215 B 83ms
24ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.gaflaquiz.xyz
content-type: application/json
access-control-allow-credentials: true

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
233 B 78ms
22ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gaflaquiz.xyz
date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 50ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpibod9p&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame DFF1 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Nov 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame DFF1
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r5---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

109ms
22ms

Fetch
video/mp4

2a00:1450:4001:64::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4690D9932DE42EFBD93022B578C333C86BFAD858.59CFF9128A19AED0EF6F3688C9E979546D13B192/key/cms1/cms_redirect/yes/mh/06/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5e6nsy/ms/onc/mt/1701174536/mv/m/mvi/5/pl/29/file/file.mp4

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

HTTP/1.1

Server

2a00:1450:4001:64::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:48 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1513496
Last-Modified: Fri, 12 Aug 2022 10:34:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 28 Nov 2023 12:36:48 GMT

Redirect headers

date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4690D9932DE42EFBD93022B578C333C86BFAD858.59CFF9128A19AED0EF6F3688C9E979546D13B192/key/cms1/cms_redirect/yes/mh/06/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5e6nsy/ms/onc/mt/1701174536/mv/m/mvi/5/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 50ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lpibodiy&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&msm=1&aits=18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.yf~videopreviewvisible.yl&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 151ms
46ms XHR
application/json 52.48.81.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2c9ac08c5d577d2712c4ceebe0bf9c83014aada61d8f6093130242c2ac7902e8

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache
x-server: 10.45.23.213
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5282 577 B
471 B 51ms
50ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&cmcv=&pix=undefined&cb=1701175008651&uv=148355465&tms=1701175008651&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=a3681b2f-be07-4848-9b64-e8f97f5a9f88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e64d5a72c7287c3d1112bcd246cf4f69c3be3f6eb5c6685b1cd63732e2acd38d

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cph2320052-CPH
x-timer: S1701175009.661515,VS0,VE16

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FA6C 439 B
533 B 40ms
28ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 83745af2c6c22c8f5bedf39c667c6c26cbcc334f8d5184679ad512e21eaa41e2

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 28 Nov 2023 12:36:48 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
811 B 114ms
114ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701175008654&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1577&pt=-1241807090&tz=60&viewable=true&ddast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3050475&dpubid=523515&abtst=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.gaflaquiz.xyz&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8290bcbfcb4d0d95b42539f3370a6f35922b4c0d425e0e345fd657276584f4a

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1466
x-cache: MISS
x-served-by: cache-cph2320052-CPH
pragma: no-cache
server: nginx
x-timer: S1701175009.663810,VS0,VE79
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 39ms
29ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&cmcv=&pix=31589837&cb=1701175008651&uv=148355465&tms=1701175008651&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1701175004389.1!ts:1701175008651&mntl=1
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
content-length: 0
server: nginx

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523873/ Frame B222 255 KB
77 KB 48ms
48ms Script
application/javascript 52.210.22.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523873/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20492283353&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&xsId=ABAjH0gk5pBoBN8BdV-qt7uF-Hux&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gk5pBoBN8BdV-qt7uF-Hux
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.22.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-22-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: baf3a6616c444a15a7dcb2484fd3a4721a22503fc210169ab2adc8d6165ed636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B222 111 KB
39 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame B222 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BprWlrFEHy_gbuYh-yQG7QwWqEUEHeeQNE1gLxbtzR-hHNBDjVYTiItl_mrVDcsGWfA0d53cn0uFI6wmviE_VTHJWvOg9Nw9BazhMlPpa1OPkQcZazlOqhhPwguhckE45bJQxi7SZFxRdFJkBC-C5LW_f9VjX7169so0QB033ivnkx7xY&dbm_d=AKAmf-Du-oOd1wOs2oJWZimZilm61p0_IaVM3CJKWvRSe14npcAOlFhSsXxI3_mVWDwuX1s2JfBL6jGvlg4hIR7T-7AbwgC1bXM92ct2y3ZlcbvrF2B5_TFxwKinf_K1jIzelY2PFgzSXCVO3uzNLkHSlTyG4GtpffTxmTmpujNleeXQlSknOJTOwTGB11m4a55-Ztu3Dq42zMR-zg4y-gwZqb2zwkyWNwrwfnY6PZ8dqEbaeC7awU9cqIOnnumuzgHM2ydSY-UpZsNdYWhQtpkcr_Dlfah4TqtPIj0nvgQI7Zqwt20XFnjnUBQ2mcbw0ondr_rDloBQRbg3yxjWKtX-ksCbkwpefrchFtYT8kcC8o7JMj1dVxcNHH2LMemaHT3xmJN189WnsMVjSoDW6MzVrXGwni1PWPix-Dn1lDug35VGP2BojJpRTawRQ8yJv4elskctzGdWckOerP6T9OQi4RUDu5k5J_86C2CkraRfz0aB5K7IHA0-vFewFYMxsAmTRibCEbeiipLcxpvcsAM-6paiFhLI53tb2NnwaTRoUlonVH-WJpDPjXblYdN1KecdUCcwifwQh0Qt1ruNuteL6ncZsRVjuTfn4qs5xYGJ1grx6oDMpR91nUCY4_zstXBancOicvgnQ0n2T_0c79WEkp93EQSicFxnfYbCEpy8YQrboZXQ3JrEnmPaxX2rdYLMWJQPGX_7RrE7p38DDUX7jc1nVUX8NeQ-6L-qfgq6qZqpZQ91kXaSsM3h9t_JpJ-UIIDnm_fq0HA2Ephm8ne3QqCBFVVAxPu2bgQBUw_lDziS0GU3d5h-S71MBTrycYM1ediSOxBiQwRBG6fSsqRe4ZTDxTymI7qjQvsHDIzsa3odxyOwR49GVxvTOisd0XYeAMnGGuW_NCUnl6ZWEfTz3T5nsW5Vy3CRi7dP0rdy1CYjrKQmR-_8_dipZMsQuhgMfTGt-xAxcHHPC4xktRjPgFIcCoqoVVqwZ5W0QPxdk6bxWhpJ_hgY4s7Pu5p82OfzVGTYfqEIaMsAPRn39R8sy_B4C81JmMp1aIAFvRigirYi21QY13sPBUdBvh7LP9YiSyp2_d5gdHMnZqFqLjnDKXVO-eu2B8GtoguEUneaZTPp-4-wxhxbrtJX-ip7kwbNnYP-AU4K8_Ooj8hoEdJHYcReNDqhncO7PInbJEGLWkjcZOOnd-deBQ5ZDsQ2EpFayv_g3E52f1xep9TsB4dJzZKcwFLyzOnItK7oUfEDHj2wWKhezAX0i1iKiZLCbYiIOE8i_J5rAfqmFvk5H9aocoVzs1WoiDQ2pTIpeB2m5AKnJSKNTt1lTdeSG2bTnux0Cqg7IM6XuB_72gM4C7AbKyAaqFoYTP5mUElIwX_X7e7Fu1cn1Vuygd5cso8jGY2M9wjxbUsHPn29Sp_nKMxtqIhVTZM0hGixlc07gF8Nj8HPwQlWJoR2M6bkOzZjc2nIGfOV1khnI9kBo98cHPUwp1lTCpInsgeparVurMumjvc9bsO7-ePhFZJVjYnLVkSgDlqRnWXlFW8P5iU4g0AmL4kvOQoSBlZWige3796aJno2KBoHfvYWoCbzODn9L9wG1vgT-uywFiC2aeq2wgDPC6GPfB4hfEokQ8jgcnivp_3lA_q07rWDIIwLiRHsbDd6T94LIoxZVqusVXng4owztF7r3fYFQQ9Elev75AsTaHJ1J1uyyxYIoU7nDmHeofQ3gfowUoGKXhMoofzQPUu6_WGzhUioMnJXxHqb7zdVFeqaHCfBJBSvnCFJu4SEe9fDvHF7Zhr6i9IX35O7KBLROeEh7OFx3NBWH76t__oU1I8JVcFHJfb41_83xIuYsfrNqLXqrdLU88DiVFZrjIBN8-wbUbocV4_kd7uVXOo0P2io-jFvaGvLhmg-_5VAmgdfnKqyK-EK1HwoKqvvKdcjlsY0GHXuinLN43CNQNIC_4RUpXlEzb1rcFeHA6tyRIb5uGw5LFP4PrdQ5iAQQQHib_hX89OwDiSZhq7nsL7EdmwVL9WeCRQdXU7-C7Gepe6r-fWTUrlx-kceR0DrTTg7FRSmlm3ZiVeVGIqj1atXOJv26oUGZEROQ0fdbJv6fzek03d19L9rOasgMcirK6kElKzlQDHdrNGpEOBuoxMx3DFulIiI0pgNTp0-NhXip4wVJNNF_K-ApPLp822M_waaJiCV_YGTILGR8uSNnpXRT61_4JSQzPZaFbDLGsq_LPikuRkdRJG7cQ_kO7CZCigrG7h4Xpdf24vdb3Dhtx06Se4yIdJ0hxEKeMVgNwVHgo8AMKxGhiDv60mrNychu-mkVEZEMWsrB9mQMG5HVWvyZQf3t9E6goWXctzS00GowE7mQ4VOBnDdGXt-r3tn1mW23SbE0iVzCVM8RzEcgJCrRqYusSes2vKPviymm91H-fDoMHLWbBnFZpHBJ4q6dmP_eqNzJzCrMNqGuTMkyiSLjTW-bH5H7pRQ9qaxfVfiBNvKgtzmOk8rqYP5RWgbqblwQP-WqrO7_nS4Fo0fr3fOUiJVQgyqvlKn64uDXrIG3H8dX55yU7pO-uFx3D7cihyNkPfaefcDvxj7VNWQDFWJtNlvVj24bQmXjAhjn_TnfSCggsrCV9T5cyilclt3C_AF2PhCg3LAfPSDBNV-2hjr5sfBbCmcbjnUBrWUX8XmBiSGtELvmx6J1xA0qsZYAfQUhHBk03O8oQbLdxImBN3YGfZnx0hPAfNR1gkk4lO8-j4LfCRxbDVYFgsTPPhsuYj9NNry2xlN7mFsm7_Rgbq5dSDhGrXogT8c4sPflRLM21JJlC7uKDzx1n7_iE_uxY-rYUEIoFZmokB-ukq3ruTK7gWNJQTDBC3SGj2c1gQW5_dAsJvuWAtij9GHp-DeKh_P80ndua6tq5bco5M5R3XJKk2ttIHI1PNrRErd2eqbwB8rNepByGKY77DjnoavT2iGNgVtKQJWCguGNkUVcQ2NmQT-0OGA1nqL0uQQkMnI7X1QTP7oNMDcPvBlXFaDTe-6hYEzAUq4kv0sVvmE4v_IaF3zHZiVdr8yZW3CYeuhHbR445xVot12j7opMEpSSCf6G00UX3BxIJhgQeBUqoPqRupbbZwO5LKESjOb2Ph9-3ustgmhYW1Ugqsp3xyP57lTNje3-5u0MnmARML2LLl3pSKsElMzT6vPuZRBThgJOkw7y1U2dNIOVJRdtq0l6-DQYZaC5l9Mbfd4kVFsbaUYukRebeueEgUcfJuugxvzWl_usrba60iqcscb-u2oaQE2MV97_v5mryuSNr5RYuelO5ikfbuM8bN7hUnt-lCUw3pe8MoRkgYO7uv_qJh8J6KKmX8dgBh8HVeXHtaJCsMBVVbigYxYuhPDcXJBIoDotnufCAIvhxDtEiZPxHIJXSTvj12WbV5INaNYhQErF5hSJTo3ulrPHXrE8kvQYFnM8LiEapJWbUCXKTSKYGR54D5JpoCKYxRsPbdjF0xK5qRIcNF4Qnc_EVgqC9H4HNMXbhQeKOVgCpX-B_FbxsIANNE5M-TDL3cnsQiqYYQ9Zalu4YdterEIinUzSb27B1HlhLRo8obur9cdQqNjXOI8QGStzlZwXI2wAVJbuQt5QRfdGMMXNFD2iLd_rqg0spsypN53VmgSlEgGoIBiCDHM7gIaagAoR3-Nx0nul53PjSQFbod5JyJQvn4&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=5481335514928095000&adk=1877897943&idt=172&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B222 31 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 04:49:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B222 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523873/ Frame EC18 255 KB
77 KB 49ms
48ms Script
application/javascript 52.210.22.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523873/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20496570232&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&xsId=ABAjH0i5lF3hSAHl6oTepNMf9plw&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i5lF3hSAHl6oTepNMf9plw
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.22.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-22-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cfb8e4f1743b2af292f89bf8d74acd6cb223f344779ba19fbac80488dfa722fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EC18 111 KB
39 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame EC18 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BF4qOM1bpYjd0b7EO9HyKiYm2IP5pLi8Pc7gvwqwXNKRTiOawcr3U0MbV6fjy-IMgHhi5trMdBKybi93C6E8SM_YiOyYnZHbNaYH66tigmOOzQ1zgZW_X3iTfzMbEufIOq65PDnJvOgAzbGU31adbp3W4RVkFpyM_5Dsxzwvv4slT7L-M&dbm_d=AKAmf-BI8pabaOcg0gqpkFk72jIAHIUCk0oLbXTkLJZwpvE1JHjMGc4YtDEOp-CFaK6zktqrS6tGpzgEqb5HjGHCvZ7eXd1818E-uvwkliEiKyZB7PsiNgZgt8jGdkkLf14zuOLXAJvupG7T-BI1DObcHumluupVI-gx1bJ9JaD_fKDWcPuPBVw0vDpLb1tDCqCk50nOssFeQInSN19zVnOHcnVAdWmuEYdDjk5tJyqOYUVaUuQSAtLyt8gOLjO5BZo_7oTO3UHBlhJ45LnX_Y8soeFHELlStAT2B9DHepojEWcbr2sxt3VrQ7UfLgYzyDQoTwzCkEepoRA9dCVuyih0SUcV1uDkmGI9QBIPD5_atMHMPpka3oGjfpmvsRLgbEY1XZYhIBkf6xl5bQL9FNcNYS5NEQo44lWrCTait2U9pb0FPzzBk5OjdCoWxLzM5K85SSZL8XJCBDT1EfRjLo9eoGDucTCCjaL3qP01Gjt6UsYvCesOj1AbLKGe36kEMrfUxY8i1fAWg2BcZik2jOgMnrz9v9mKyJgas1USZIVXMCP2l2owGPYW_xLVKHMLusI52k8lhuF1Ph3hRbb20O_1Q8OK8Rsv7KuCraE1knC2NrpAm2yAKbii2iEWvGo3CxrE-xsoU5UFl3NXljgMbOBzFe44FCl2TP2-Yi2An_Fafrj22E2VXcFUgSm0-Cd9xBZaNi5UUMkobU1qQjZTKCWdtW2oLEvPQVqjNjex7MzYQYEPCiBwgL-RD5CL35pn_hWCsZ9fhYzLYMfar2YgZ2XRHf0HKn_Az72HBA5376lxmzJd3toO-6sMhR2j8gTTYUwVZAnGnTmZ32fYAroznZChZALpFwf7eOEP0kqjCm_6gXG_yS4KC-43hXMKiGJrKKTHUNq6lslKYY0a7YZOuTfyswqbRZ3ZgYNZ7kQPvr8dIDngspcreEUNG6T3fFwj8ZR1pDE2vJbcLd_TO1lRbucj9Y0SschkgxDxnFji1fILNXjMQnyFCZni8a96-YTx2QKrohsW6laNPJcbpnc3wLsbayHtw-hOPmhfAm-A4rk-Ce9w3of2ZouaC-Q6JCvoYsGjQ6SKYTGzlblKHg5l5OcPMTOXlqLxQ-NSr5g9wGtNM1o1KaQkUEMXBa1emKgBEwx82anUbygLszPtenz0YbwdcB5M8StqYuwTmNpkFdalcLrsGaQsYjyejdHI4MozTW6M5IcjQ-iMyexA-TbGVwG4VwLPBJCXlHuA1lPTNl3f04WPa0qTIo4rlW2I0vi8_qXo_KV-IdP4seJFtGGyalDFuBfLtuz8H6wpIC59XvtBkTH3DRXV9hSNb29qTVtlX8kDGpj-3TOFcoBsqr61EUVitqq7OSbpoUgUJCeRzr0Nau5MxcgwvAesYSDeUiTvG4iiS1yfhbzBGT8Q4JHsLtZoG9hjdI01MzLK1ibNx0Spb4x9L_jXJWoox4M3__T2H5Nv1RE7TBWGtjSHo-viK0mDwKj83bke2OkBuVFYVcTt6YFmWm3HjyE0DkSPKY51vfHFJj4Fa7EFSYigfbIu_dTbSLt68Wk594vofccgO78kYeYNAMIhLwubwkg3K84RRtce0NIOylVKL114XwCtjrfut9opLLzLGL6_Sr7YiEd50V6DImmi370yxu7V9Yxw-Lq-GUMCt07SwehFZ2hZMr6pxCT2Pg68825chYlM3gCs_SnzTiLUYSdTbh-Pg6EkDhelbGVJ9pTX6IJ-0cE0J0SGtK5yGecsI1CJE7GY7cTLkgCI6s_-RU-xmnEm0y5PGFURZoJMiuLXAe_nneJB6-uNWeOEfzwIrrI-nZU17tzY__rAXXFPmRPSOEFFKFF3sMTfewp1sdD__8PGWIuVvhGW4zCnonqgjz9YaPQXGyg_RTE_u1VVxJLl3palg6l0iNYoLKRXyYWYMDHw-nMoASrKDHpI0O2F8BcEyDGyz5mQgcFJsaipBEb45ZcLP7Eh1TPjJeQ6nbUe0Ci52gXFNoPyzXQnmUPdwOwmi5dMKX5h0J0bijHaPLXl5-KqnWF8NVWx5tRb6k5lyE6pnD-RM9LvxHk7_Qpx-KX5KL9g2_OFYS9SLa79NLG-aFuhwuP4pC67dacWzi9Xg2Sa-Am0StTJVnRKVR1ws-Z-0gG19zWebKaKssh29aoHRC5vQt38Ci6DOJggBqMrvSO9MFDME-T5TxQc12gwxA9TbF72diHEDKRq0BjwGdvWkmAzpc_Qt9BFFm_SMK2KE8KgjFjwkey_42sJAwVGzdBW5BSPXBBnABpLst4H_HhvcLThAzJWxKCr2wehiirJTDqzFrFzm5jw7liFVt4qvOR3Vcvp75pD3ZSCh4bsx1k_QnEFhcUDYQ7Lzinou0DmJxqwdDJADyoC02shjCoSJNDPporA7opnyJeHfU6AyT_z5d3APTkiiM-HsQzLnG4Tb26DY3k0rXWUwZKj4Zc9R3Bp6bhii40DkCKtHsSGeljIiEbycDKfrNpET8c9F0v_xfS8IDCmbMJqmUD93GNS-tE60ig3wcZyZnYja-DywZpkAi311PaWc1Ne-k7jLB1QTKPqX2aP1NZX79ayxI5ZaHTOCKFpP2l8YOpgHOxURT3OvXFX0goxRt6mH5SFgI_IRNufEAmi-aH5yB46cKvBSIzOnno-gdl2ORLDFvZIc6NONXlqxMllXqFfHGrYQivDXjU3VuvwmaR8BEexVIWALdCm2HRDuSYw5PchGjAs-1f3Ft4HurS51YlF9oi6tojOZIu42jXigvSJp7eemwiyCAhXKsNESwA1vkaJ4d6vuYmi-DgToF1so7l0sIhXsxpIfLLK8Yz2ktZLtZq6X5cXo71IcNHv9L6_OwueSgQJXu_QR_2ThuHeqL9MwZM5wZqpGlx8sbjUw9U34hse1l8SJRlKcuvA2UF2rapQyUJLsCHZoKJVl5743xzyue2RcAnu0G-JJrpexMiIYsrzXjLTMOD2ZnfDChAJtK1uwTWATyrEt6OgMAJjxCGMBd_go0FjnflcWaxDIm_2MwYXTVvsDX2-g7MEHDIXtuvGIJVobnXEbNjy0BLRtpiH2KwXloHPz-AfOsFJoKq1Qcn84mTprgzcdEcU1mhhTBRlIFR6xXCLZWTzYB3SqbOVAcMUhpEhaIBynmUurc3gByl_RbA3Z6b4VmhaYobo_knpYWY-bEBCn4RqoOo1wbvw-JtIrfQ5e4ivK3o8xqmICSdFLZNFzBHh-oLE7hh4gVMLy91STZRTSuCeXIIVLZPyjxAf-XKpxLWPtGnZS-QsLHQaafKkRYxO7441lnkzxB5aYro3iIxGGmDmt_lxyhLeLaIv_U1e6vc32ZYOjuLJ1W-cQSRTotfJYTkjciY_GFXXcyLguDTcFjCnZnvAPlexZZZHXWMUyOJh3xG_yF6H-eDEBF1JvgnDO0EDphGRiUH2NfswhioQNQ4kvrJaEUqLubsef3EPwKqM_kT8EaezIbXBwHUTmPr1nIMEQiwQUgcDS4StCKGnUFEhvXgXfRc4_CQ7fa2MLT7SWORW42-hbaBl-yxXgkQLmaqV5swk4Bbk5HX64oBpGS2VyrT2aBSVK7iOwojZ4gm47ODd8UoDF1d7yR4OQqU1Mnp6fZM2MZh3Xh_HoNlVKGc4Tta9ZPZTKNXgGXpKlgF10qFSS7YvIOrraVGjbvCRBTPYDHoxKSATXouCn6w&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=8484764451639637000&adk=929882891&idt=212&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame EC18 31 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 04:49:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EC18 41 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FA6C 70 B
148 B 142ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame FA6C 43 B
426 B 158ms
49ms Image
image/gif 2a05:d018:d29:3602:d09c:564c:cd27:b30c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d09c:564c:cd27:b30c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame FA6C 0
15 B 24ms
23ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5282 70 B
149 B 139ms
45ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&cmcv=&pix=undefined&cb=1701175008651&uv=148355465&tms=1701175008651&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=a3681b2f-be07-4848-9b64-e8f97f5a9f88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5282 43 B
425 B 159ms
52ms Image
image/gif 2a05:d018:d29:3602:d09c:564c:cd27:b30c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&cmcv=&pix=undefined&cb=1701175008651&uv=148355465&tms=1701175008651&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=a3681b2f-be07-4848-9b64-e8f97f5a9f88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d09c:564c:cd27:b30c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7D21 15 KB
6 KB 39ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.gaflaquiz.xyz

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 284574
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame 7883 253 KB
163 KB 60ms
20ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80ffba77f81b5431329d5d6f73af0c4d9c2d168541a64d56faa12b7661520400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 104001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 166447
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 07:43:27 GMT
expires: Tue, 26 Nov 2024 07:43:27 GMT
last-modified: Tue, 09 May 2023 05:43:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame FE2C 0
0 58ms
57ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssvVs-l-PFGMw59PH3jGwuq9bmzBlRuzYMuGLqs1k0z-0N2cv-7tUESAqfDJCQMEPSP5anXFOBCWJP_4h8Sgyj64eOrABU7FvEItk9gGt3fL4AL4WRRIVRxrtnF8wP4v6eIjVQBTTBg8N5vAYN1dwOcEhhfFDEydxsHwMQcfOS48guK8V1YZpF5geRlP38TQIwxeeqstQebsyv7Lsvve1gZtELRrpxaIv4z&sai=AMfl-YT-CebvWtJogRB1T-wnXL1nfW4XVzAELGx9rRCNIJNmywTCKYF_UK_xi69YbQEjFrczV3JhNLtP7qP46UcCjC8mW5icEy2da1izEpe6-X33xGTvVHGDGgNwZvqCnHYd1QMMCevzorzefeKWQeNpUg5tk_A&sig=Cg0ArKJSzBqtiXlNYX71EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=237&cbvp=1&cstd=236&cisv=r20231109.90224&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8C25 281 B
555 B 76ms
20ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&cmcv=&pix=undefined&cb=1701175008651&uv=148355465&tms=1701175008651&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=a3681b2f-be07-4848-9b64-e8f97f5a9f88&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 28 Nov 2023 12:36:48 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJBGw,pingTime:-10,time:474,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701175008792%7C%7C99f527afb30df84d52783fd956c7cdab%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C64ff74422267b566642ea8eb9ee0a82c%7C%7C8466b5d49b0b1d1b2f7b39c7988b8e54%7C%7C36865364e5ce9ac14aba006361163a24%7C%7Cf6a51161699e146d14202eaa7ac8bbce%7C%7Cef13dbfa7930f5054f5b4ea11622f03c%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=7647785186&adk=3458766646&adf=734745017&pi=t.ma~as.7647785186&w=360&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=360x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007200&bpp=1&bdt=333&idt=198&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C750x280&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=118&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DBBD 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-YKbAYyEm326vjEtuSbyM_JJmjIV9xKKcD_EeGx7pJcKoUR9bl9ZKpDNN5PP7LUWBQBINnPI7lk8aBZmj8xuoGy4Gb-1se_aoUWMbxRXln54Fe10fN94p1UB1G8uHxFqnNZacwEs1W92BXcKL_Ac2FWHwn9CTFlEejM_M6t2ApZa21uA&cry=1&dbm_d=AKAmf-A63ymKOBjMTSaxNQx_bQa9Bm6-vfOnQzTVJH6u2zGo1qSGMopmdwhkfItOYTO92--Ia9UJYjniZWt2Vl3-A055xJBaiXy35v7avuA1gCWKh_silelFjsWYXk0rm9KGYb0IZAf7Z5cLNFrs_nvpoKJPYXcf2TFgmup0XM1ZxrgtAFdNSnRyytTPiAsb0JVR6V5VkyVsoRb5XjuObxb5cc_erRg9IS8eCMroJmLVmjiw1Pz7sJBB-G2GBrYcQwOBDMsJHR04sFoJf_0exm1N2Ythbxy4F9yPCAS25GAZflgByJeDHzVLJZ__JoSmAmL3ESJurVvjAdNJSGwPafx1ZEAGO2749aWDIXyNqmJJ6eYFGHD8LAzkeMKJ0AR5rTnlAKQOGGi6uM-m_uhCIHkhwNDWg0im_4DP3cxiJpF1WXDae2RSCJxj8Xi0MUCeMFUzDv1iRNy6mLDGzFoz9kzNLGiWC-0KpOctvhILx1lZDUMJQWned871nWaZrP4_sjo6sXXZguI9QARQ9vEDrHOpYNxFRxcLCPDbTYEd9EqUOdN4xPwv3RXFqPQN8Teg3BjRaWpIF95xyoiMV82SioZ4ILdUShJl5a7eqQOs7W6DUoQdWOO0KRI_G9IiDDlKDPN9dr-2W_lw9HBLMCvBEngCAA9_xUMwYsDGa6QJpgk1gQO-B7pKx0CChq0E-CyYCvUp57RGwYRXBs3gv5ybzTtwg2Bbm28ZIpaS7dKWfbk6G5cfgkehX9526dgVqjFVbEQA-RRcoRveD2ieaSDmZgCoBFHXitJ3_GMTxM3Mhjqi2quaxcCgsA6xlYiXYxSUZD00X6uSyNnbfkR8ROIPWaBIB0wgFd8dzRFJYPEYC0UPAGvE5EAzjyb7PqUwYsiZdgsQXheai6N5UURyhmv6qnZM-rYz40Whk7hum-iVrybAyNjjExD6Jn3RZap8ef10yHJuIMAnCAZlHN4yLEfgf2btFm2MrEPZ_kazwapq-GUDfZf_gcYlslUbqjtTUJn3nFiohO_HiE3OkCOgGF8UYvq3LT2zpR_tFZiJWBfd5QTbqHFMydBzufvAOI6BKhSDOQ8shvquOfI-WaODvY7jniG9YWiTxwyrWIP47hnErLGsfasPCxhYiNQpZu5ubnYnkNOrRj2mAB_e5ByP-gvRGAABEcBbZ2rRYaZzsCUc54dkP5D8nd1t9M-pMrSa7-y_UA6QBLZ_2GA7QIv6QTn8NHF09AzaFU2bDBhxa4nUegZYFdnNmerD0qTDpMXmMB3f5-6wEUN8yvWF_cQDyCgtI_PsMa1FWdnwEGsA5OKROzyse-kAJFwcR0SebXTa-vmXUyw_CbNK2BJ4EA_eWD_GuPTgao4aC2Ssk8waxQJo9V3-UN7Ntjoz6feEAMcIrLFWw3YtsvxvU4w1Jyvf8Oo1NnpcIYSjc2f1HL2RyURvdukwCnZy5eDWV9aXhwgttY4zy8gW3PNfaUhRe4mrO1pUtctFz6jSbBE6IfM8XXEgf5lJfistVFbK8hzeEHlwQmNUzrkHelBBfmCxrhwL_2u8lwJDHaUe55Wtad_gzmzb9GDBzEnRSF3bhHuQTdnLVk7UqtNGRCnoYSnmFvNplBPJTXtODPqwyHCSPWtB3bjmrpteAED7O9NNPbqBdLn06a-Jr-f7lGIG58ER_-d0Ua6wNu-r3GT04ozMCgqTRtMTHtJHnDb3BNqFs34TYGjS6Rf-xu9gADvcPSWsnGJyJ3YV8UQryqSnmnQO-ibXu34lZr1nkhcIKeSJVFIAZmnX3DDf2FVPOq5_mMsQeg3B1ffnU-OlTqjjvaxlHWC_QLul3Jd8Y9TFrI0pY8ETn6XUsn0p_DbATyA64e2dEIKpaQt0EXBJdSXdS2hdTILodQf4hEXv7Y-Ey7ZmeNcf2j-eZzW3FzpmhOmAVoZUD_g9XsPkatuOOPnEbPqlcPQsIYAvP1PYsLCgtrBOvaxQuckUO6rWrvWoR5Km3iiDRoeBT1S30o5kg5pM8HkWbeXFXFCuNjHBWLS-jlj5bU9v343HXYg-yk6RkN9wnsbQOsBj_wECkRmOTRh5dZ-WM2xdIS7gORiyidZCcumE8unorb3HpKdDhPDQsPF4Oie4kK-PIa9Dnt-LIjkx2peAOOevcZ0YAz-e7zAm5mkX-UEGP9YRlodUP_0J2IdNk1WSL9K_r31AhoMOz4DySTWZGeYzPyKtYR-Nf4113miXzAsEffP0QFeJ5ssDlJqKpynGI69Y5yUpyvrm5CSnrQaBgrDFFUt5uXZgH3SHVyN-w_nGrDBRE_5DOwSN3yQhi-ebCiom3hphQcbMHm4P9BbNjC0KaSQv_2xdR_KIQz7L5BSnV8mN0AWi0rHBzI1goDLZN69EQY_WsXWvScghNgpqeo_rm3xvpchMtcEMDmnGNBuPDSJIMPvbdRxNiqNAUQxkcteiSc6PocmrpFlWOfIZINy0tFR_g068vgon7Gu4a8xPKP2X2bgh6oopNEkRtO7MSeYFdTigwB9zAvgbnMzbBARhkHCPx6fzxXWousfUOMycIT4B_YQN8XaiAA91H9EIRy7HcnN7zOmpJpNwH1DfY5Xq8OOf6bStpTMqZQPaLeQuD7qe0pTS0_pT1w7q94gOCSVaX1i_yWyNrzCJBNDP_LHtlfjUeaokkPAIyz1FN4w60WNPUkuKLqDPQTJw5OQXVjOB3tXEqazsyrT7w8nSL6WLqLlte91t-JZvzzo5ryRX05_yqbC4-8hiD0SiBMyEkHVdAtZxrCCTkKM7-gYcve7nnXwLlZUmOBVBfLPkvNuW4mrXqsaRCAlcD7z_RJgsgj4kyeKt7qXYQV3tP70kvZp1MRH2r31ZBLQKMdIVTOaGsYfrDbyEBRcd5ykhyY87uHVkV3QzQXLhGi8txCkvIJyXV8N8uTDz9NVi32LJMuBKJL2uhNDv7wa0s8zHJ-42qd5ppp9LHaSOuWSMVGLMLnBdAUfOzMKMMIL2sRJdRxff8YaoPViRSjIGDAUPGryHj1ljk1j7YqKy4zSSs3k_5g&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=15279612539341615000&adk=2085914665&idt=182&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/148355_465/assets/css/ 60 KB
8 KB 36ms
36ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/148355_465/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime: 1701167000
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: S5MEDX7TZGC9VME5
age: 7945
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701167001
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: NTmwpgkQPapevHOJGj2/Ta3YzOzd6Q7r8C2GKMPckbwdIA8AKAqmQQA+Zgj5H2j67C04nxSglQI=
x-served-by: cache-cph2320052-CPH
last-modified: Tue, 28 Nov 2023 10:23:22 GMT
server: AmazonS3-br
x-timer: S1701175009.818446,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 387

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/148355_465/infra/ 475 KB
103 KB 42ms
42ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/148355_465/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f9445c0d46ad77cd39f68da39973510f68712a5b9e0c966735177e6464372a85

Request headers

Referer: https://www.gaflaquiz.xyz/
Origin: https://www.gaflaquiz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime: 1701166962
date: Tue, 28 Nov 2023 12:36:48 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: YMZGGXB2T0BZ2M80
age: 7915
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1701166963
x-amz-meta-mode: 33188
content-length: 104607
x-amz-id-2: BW3l2SC2q+N89X2dLO1AQUTF9TaXu9wXcX/r2npoAt3nySRrW9YFEn2Ru0buWNhCHs83DzeQqg8=
x-served-by: cache-cph2320058-CPH
last-modified: Tue, 28 Nov 2023 10:22:44 GMT
server: AmazonS3-br
x-timer: S1701175009.824719,VS0,VE0
etag: "3582ca7f48dc446fc2d3ace9cec52f00"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 22

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 5F1C 23 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 261893
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 11:51:55 GMT
expires: Sun, 24 Nov 2024 11:51:55 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame B222
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20492283353&bidurl=https://www.gaflaquiz.xy...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0gk5pBoBN8BdV-qt7uF-Hux&ias_xappb=&adContainerId=brand_safety_4N5lZambHq_Hx_APgrKBmAM&cbFunctionName=goog_wrapCb_4N5lZambHq_Hx_APgrKBmAM&true_pb=

1 KB
1 KB

20ms
19ms

Script
application/javascript

2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0gk5pBoBN8BdV-qt7uF-Hux&ias_xappb=&adContainerId=brand_safety_4N5lZambHq_Hx_APgrKBmAM&cbFunctionName=goog_wrapCb_4N5lZambHq_Hx_APgrKBmAM&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:12 GMT
x-amz-version-id: c7hCKBSAcCMflhCpaP6Ul5S2_C_IzKH4
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 529898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:10 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Fa_xJQBNx8HGxAAQAIB3XjTEgD6EvZaUlhaNS0k0mklkc4yvlu_zsA==

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0gk5pBoBN8BdV-qt7uF-Hux&ias_xappb=&adContainerId=brand_safety_4N5lZambHq_Hx_APgrKBmAM&cbFunctionName=goog_wrapCb_4N5lZambHq_Hx_APgrKBmAM&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3D03 91 KB
23 KB 22ms
22ms Script
application/javascript 2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5920058
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: N9nRscZKSZ0My5qi0ZzGyL5BR4MJ3_BXpHaEfpOFYmSGVtu5nLdmQw==

GET
H3

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame DBBD
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBF...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJ...

73 KB
25 KB

67ms
66ms

Script
text/javascript

66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJr780us6GiQHn7XoP8883QrvA3a0XEMPrISgXsOk1VkA5cyRKJFvR1pa3_FP-6m0-uuQUH1MA6d7CX2LklkgEFctRytje9PNqv0S-RQAoCZ_4IS4swLXd3Ux4SkRcqkBtST-Xjy1F8J7bUApgq5ks4ONKwv8pLMPR2VaCqqjxXFZbatN2RVsAxC8Y9GsILnh88c94ti1eIxAlSavyhiXJekuNgGTDwBlPMAZbOwAKFALORptuy0jKXcA0t-dlgRMo1LUPRGJs70n3uxIDDH0JiFcTiQPUslnyKaOPDsZSwxv-cE5Uw6nxqM8uU7AtJZyMAqyC2C6PtkH762eTr5CN9SbTuREXkWxl6W04VugfJeZ_Kh2bbels9KkDVgiEmw8Kz7CqWGcnoC-v-3WAkuqNMn7nQTKNj2jjXTavlLn6bEfNwnEXStxRIqHkUN9461Xab0smOwqpnNRT7ErwAlNRhjjNoF5jx3y320HyScFumiXX7wrhdaAfznsl2mA8DmzNlfkKwDpQ1L_d7A3q8N3o9jHbBxEvobQQK1k7qQVX3GCQY2Z0W0uRep5vITqeQW3X4g79pmZYZ1K5UhY8QgsKVDyFBUoyLTG_xrK4exwrL78Z2wNzyOw2upBjgFm8U-toq8D-uX3468hv9qNM98I14xaNVLIEkS5Z_8z98NW3xLYQo5B_ARAojnUnBoXQl_YtZCr2tCGD70owug49UH9pg_e4YsxyJuajPm_39WMb2H7tlVZ9y6-wmqrNqhcE19GRWC8RtBhCLy03UUzy1yOLV3NOf8K-I40Z_1VaAGQ70PuUVoefKIWQgtOlYMlkoAb3DTBJWd8lidXKrhLLABMGzqrNLKks2niNrR_wuh_0FbjGoNT3n_rwFt_15lx_gC_4TvdvDpru9iVUf11_9M4xPbIKbEqxb5PrMdmdQS9e8FEYHVobNLFOIfXzcoCu8K_gTJiXUeMK_jbiSZGQs8MyNeQeePFguBPryPVUXebZSmZZcF7JSzvkWdpHOiJ6b5IqDwpdBU9NtKaXZWtHjK7Os4rU3oa9UGIDFUGCj1IbpxT_e9uSXlgXF4Fr_FT56GSdmho10byjZiPgIZAPyL97OflF0fp5edvG0mkoArVSsyyPo8tGlTpwiFWM7zSEkboVTbvTz9d5tIwMlPQ3jjg8IfMzKqXOEeumlKQNezmjawD4FLptZidvRA34DOAfIZLrkcb8IskCG1MnxXcjKFdZ1P2PaYIf4FiPuB1hc1z2v8GA_WvaYwyJmyNJ7wOXab2T4Nk1QsBSgsiy1erbrb-0YvFl8wv4Ba9uZmB1-PCWB9kr-2nNqEU8BiLkjr9pHGerVdFfV3_T-yMIgNk8Vwx6sEj_yEVHsxA210Q8uksB2Gr1PPot4NLB2UqcWDVScU08-6nL5hnjlki8xoN5Q_kQzfI0w9HYSmmg9Iwk4w4-5UFtVQGTqwOPbzwMs4QZ7i3gfydRqRRLwd51tyLRc0nkATiDQFZHOJDN3xIRkIGFs5u3zJtCGjTTJyZ1fAKpn59j34tptj5DOdPmFZfRFKeqY7QDRm7AS9dsoe6do0c2Odr34ZeK1JgAxgTPagVfixq0F0iJZJLvlK_FgfjkYozu4jILjGo1v7CaGoTdPOgDyIJFWY7HW5Mn80gqeM8aJNSuuwUh5RyeaQ_f_J6EM1z9WV6U_gjvZw6tm4HKKgmW3s-OiLHUTg5p0LD_AcgOuL6itqPwzCJjwdVDhCKf6WDZ9MxVNeYQJh1mjO3h8K021qHJRD3rc0_dTcG8hvPjjjCFhtmv5c-ojVKGmlB2Fyv7tE-pEb6aKqIcOw2ppV67VW4wHPl4CBvG9xBluXUzBw2iVmkNX5mf1D6hs1v6LF2HdaVEzhfQuTgYeg6DwAD5R_uxcyYpYZfkHbbKaRdbtwKX5ZS0vy_x8CFD7iclaHLwTtgHp2vSvaJkBiFEpkej5E0VlJlg7u_8x48UVMeV0JY6-0PfFg_dNTzQhHkbDn7viKL2IdY7nW-5DOkRpPvf-Ka0lKMVnNzS_9-3x8bnAFLcEiTHUjWZC30AvXEzojbZwi1djCdG0FUUeUyWqMf5Dt-ffIcpbUR5SFXy_EKTfRtJvAqYrXK_5-anAHf6rMGksNrYNL5WJfav7ZBPW-8RmC-driP6HdnP834fTydmC89C4ZR5VEl5tvW2L-X7FtLMGASiVJsTnAMwJNOMHRmz33x7Ex7CGvlq8kfxRXwcEio_sUU4adyPsMs-3uuZjGQNSMPeDSDoX5nJ6U92NiEV5W-S8yua62ddlo4QAS2mGcqo0tJYeOQq2TJ3jYU7Drp4D6DKP5CTX9KM8T0UfpvCCbKfxKVZa4shkS_HRT3sZC1jSM_sbLLXhN95QZhoH7HvHv9gLsz5GVQHd6R4NLOqIBKcicT206AgzDqnnNv_wVjd9yjmzPmC05aNa9aqYPPCOrtjwFlkomqqsegs-zdLxBjCssP9rN3RLQshjuZ9DvQzZdjQf6HJmftGz7sRNXOeAyaUm1JP-iqZBr3aIOu6rwETW1Ck5dwcE8HXr3sgzX6W50kZN_pf0zTYOUBxtN-5QZyTlGVyj8O_fIVyMa-AF19tOaMqX3LSxj0U0QZ8LHW1tc9TBydowsjq04_tc3XGG72HYRAjl-ps5lYvu9alDcaxxvpgiaTWuTCF99QbXuO-Fsdp01sl_pbXMUUZV2UAAjIPKFSsoO-LVLzW0K9Z841Zolh538oNxFsdLXH1HUmHuJpcHlGsp1OrbA9zMAGU4TgyS3gV3qo6e0T6vkLhsMmZYq-YY-Y8wEcExDHtbyomYOzw9hXfvirrOBQZfPZrjWKdojEbK2yCaDocb0H36uxwaw7PJz4yeBidSSkC2GNQIJkUtg4CoYMiiMDH458Ryn9jO9UuWhic0jbSdgAg83Wnf4MKIdE0TL5h3O_m65PYYfTysxatFKrzjrgQL5mjxKYKnU1SyrYDDfp8E2pTfPHXoh_oDPR0iqx3aNvBAtlGKp9GH5-iWj_abwFE8kNcjoUs6sgAjE-K5Ooz2w_mzsiUWVyDJTH4QqaevyhaXQW9b6Xq_XRauBAaV3qdBOvUiVKqIp5Nujb3ZWifFCuR8i9JIjiOyYM30rthQlSXxm5KimTPQqF9WsJLoYhrTWBCqyQpS992BOLoQCtMkkQEEmcgIn64yl_nL5qhd_MTHeoHcm3y-nELAh6HWm2yLJl664MzxoAAFTrAsLVMki6UVHLw0WNSAvMHemHvg0epuFYNcQl_2aiH6W3ALLXqeFnAll4PcZCHjOpPy6WZPKrVjWh89Gnfe1HnviIgjN-mxtXT1ifoghK0ZKqSMOxRccaJol3eCRQXxOPdxfvnd5eLdS8kDh9lRh-e_RUV7OhCdnmO53U7VcguOLJSQkpRqhtF7PFuHUz3v7LScLI9OB8fmMbHMS9sUSTT1ryzu3OjYchye-J7ekD5BN-vFGSuDfd0-gkT3jQJBl2HMhtbGmLkZDtZhaGnrex0RWBLiYtgmoy6bk3utl0Kgq8lRPQtfBxiufbZBaFLk7RzHqH1nbTmaMytxixEu1s623RHlg21J_XBlZYIaTtS89CKJJEAK0lMPao8x5fn5k5isRmAeWxuDQqbJpLz2YrtwVJqLo7zXP8ohX3yB3BDfXKyZ1Hqk2POuvIz9OXmxpVCAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAWAB&bundleId=&ias_xappb=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

cafe /

Resource Hash

5c62b517ffe1441829a1bd6ab8fa0e8738eb937ccdbd630808a381ee9a83a68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25676
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJr780us6GiQHn7XoP8883QrvA3a0XEMPrISgXsOk1VkA5cyRKJFvR1pa3_FP-6m0-uuQUH1MA6d7CX2LklkgEFctRytje9PNqv0S-RQAoCZ_4IS4swLXd3Ux4SkRcqkBtST-Xjy1F8J7bUApgq5ks4ONKwv8pLMPR2VaCqqjxXFZbatN2RVsAxC8Y9GsILnh88c94ti1eIxAlSavyhiXJekuNgGTDwBlPMAZbOwAKFALORptuy0jKXcA0t-dlgRMo1LUPRGJs70n3uxIDDH0JiFcTiQPUslnyKaOPDsZSwxv-cE5Uw6nxqM8uU7AtJZyMAqyC2C6PtkH762eTr5CN9SbTuREXkWxl6W04VugfJeZ_Kh2bbels9KkDVgiEmw8Kz7CqWGcnoC-v-3WAkuqNMn7nQTKNj2jjXTavlLn6bEfNwnEXStxRIqHkUN9461Xab0smOwqpnNRT7ErwAlNRhjjNoF5jx3y320HyScFumiXX7wrhdaAfznsl2mA8DmzNlfkKwDpQ1L_d7A3q8N3o9jHbBxEvobQQK1k7qQVX3GCQY2Z0W0uRep5vITqeQW3X4g79pmZYZ1K5UhY8QgsKVDyFBUoyLTG_xrK4exwrL78Z2wNzyOw2upBjgFm8U-toq8D-uX3468hv9qNM98I14xaNVLIEkS5Z_8z98NW3xLYQo5B_ARAojnUnBoXQl_YtZCr2tCGD70owug49UH9pg_e4YsxyJuajPm_39WMb2H7tlVZ9y6-wmqrNqhcE19GRWC8RtBhCLy03UUzy1yOLV3NOf8K-I40Z_1VaAGQ70PuUVoefKIWQgtOlYMlkoAb3DTBJWd8lidXKrhLLABMGzqrNLKks2niNrR_wuh_0FbjGoNT3n_rwFt_15lx_gC_4TvdvDpru9iVUf11_9M4xPbIKbEqxb5PrMdmdQS9e8FEYHVobNLFOIfXzcoCu8K_gTJiXUeMK_jbiSZGQs8MyNeQeePFguBPryPVUXebZSmZZcF7JSzvkWdpHOiJ6b5IqDwpdBU9NtKaXZWtHjK7Os4rU3oa9UGIDFUGCj1IbpxT_e9uSXlgXF4Fr_FT56GSdmho10byjZiPgIZAPyL97OflF0fp5edvG0mkoArVSsyyPo8tGlTpwiFWM7zSEkboVTbvTz9d5tIwMlPQ3jjg8IfMzKqXOEeumlKQNezmjawD4FLptZidvRA34DOAfIZLrkcb8IskCG1MnxXcjKFdZ1P2PaYIf4FiPuB1hc1z2v8GA_WvaYwyJmyNJ7wOXab2T4Nk1QsBSgsiy1erbrb-0YvFl8wv4Ba9uZmB1-PCWB9kr-2nNqEU8BiLkjr9pHGerVdFfV3_T-yMIgNk8Vwx6sEj_yEVHsxA210Q8uksB2Gr1PPot4NLB2UqcWDVScU08-6nL5hnjlki8xoN5Q_kQzfI0w9HYSmmg9Iwk4w4-5UFtVQGTqwOPbzwMs4QZ7i3gfydRqRRLwd51tyLRc0nkATiDQFZHOJDN3xIRkIGFs5u3zJtCGjTTJyZ1fAKpn59j34tptj5DOdPmFZfRFKeqY7QDRm7AS9dsoe6do0c2Odr34ZeK1JgAxgTPagVfixq0F0iJZJLvlK_FgfjkYozu4jILjGo1v7CaGoTdPOgDyIJFWY7HW5Mn80gqeM8aJNSuuwUh5RyeaQ_f_J6EM1z9WV6U_gjvZw6tm4HKKgmW3s-OiLHUTg5p0LD_AcgOuL6itqPwzCJjwdVDhCKf6WDZ9MxVNeYQJh1mjO3h8K021qHJRD3rc0_dTcG8hvPjjjCFhtmv5c-ojVKGmlB2Fyv7tE-pEb6aKqIcOw2ppV67VW4wHPl4CBvG9xBluXUzBw2iVmkNX5mf1D6hs1v6LF2HdaVEzhfQuTgYeg6DwAD5R_uxcyYpYZfkHbbKaRdbtwKX5ZS0vy_x8CFD7iclaHLwTtgHp2vSvaJkBiFEpkej5E0VlJlg7u_8x48UVMeV0JY6-0PfFg_dNTzQhHkbDn7viKL2IdY7nW-5DOkRpPvf-Ka0lKMVnNzS_9-3x8bnAFLcEiTHUjWZC30AvXEzojbZwi1djCdG0FUUeUyWqMf5Dt-ffIcpbUR5SFXy_EKTfRtJvAqYrXK_5-anAHf6rMGksNrYNL5WJfav7ZBPW-8RmC-driP6HdnP834fTydmC89C4ZR5VEl5tvW2L-X7FtLMGASiVJsTnAMwJNOMHRmz33x7Ex7CGvlq8kfxRXwcEio_sUU4adyPsMs-3uuZjGQNSMPeDSDoX5nJ6U92NiEV5W-S8yua62ddlo4QAS2mGcqo0tJYeOQq2TJ3jYU7Drp4D6DKP5CTX9KM8T0UfpvCCbKfxKVZa4shkS_HRT3sZC1jSM_sbLLXhN95QZhoH7HvHv9gLsz5GVQHd6R4NLOqIBKcicT206AgzDqnnNv_wVjd9yjmzPmC05aNa9aqYPPCOrtjwFlkomqqsegs-zdLxBjCssP9rN3RLQshjuZ9DvQzZdjQf6HJmftGz7sRNXOeAyaUm1JP-iqZBr3aIOu6rwETW1Ck5dwcE8HXr3sgzX6W50kZN_pf0zTYOUBxtN-5QZyTlGVyj8O_fIVyMa-AF19tOaMqX3LSxj0U0QZ8LHW1tc9TBydowsjq04_tc3XGG72HYRAjl-ps5lYvu9alDcaxxvpgiaTWuTCF99QbXuO-Fsdp01sl_pbXMUUZV2UAAjIPKFSsoO-LVLzW0K9Z841Zolh538oNxFsdLXH1HUmHuJpcHlGsp1OrbA9zMAGU4TgyS3gV3qo6e0T6vkLhsMmZYq-YY-Y8wEcExDHtbyomYOzw9hXfvirrOBQZfPZrjWKdojEbK2yCaDocb0H36uxwaw7PJz4yeBidSSkC2GNQIJkUtg4CoYMiiMDH458Ryn9jO9UuWhic0jbSdgAg83Wnf4MKIdE0TL5h3O_m65PYYfTysxatFKrzjrgQL5mjxKYKnU1SyrYDDfp8E2pTfPHXoh_oDPR0iqx3aNvBAtlGKp9GH5-iWj_abwFE8kNcjoUs6sgAjE-K5Ooz2w_mzsiUWVyDJTH4QqaevyhaXQW9b6Xq_XRauBAaV3qdBOvUiVKqIp5Nujb3ZWifFCuR8i9JIjiOyYM30rthQlSXxm5KimTPQqF9WsJLoYhrTWBCqyQpS992BOLoQCtMkkQEEmcgIn64yl_nL5qhd_MTHeoHcm3y-nELAh6HWm2yLJl664MzxoAAFTrAsLVMki6UVHLw0WNSAvMHemHvg0epuFYNcQl_2aiH6W3ALLXqeFnAll4PcZCHjOpPy6WZPKrVjWh89Gnfe1HnviIgjN-mxtXT1ifoghK0ZKqSMOxRccaJol3eCRQXxOPdxfvnd5eLdS8kDh9lRh-e_RUV7OhCdnmO53U7VcguOLJSQkpRqhtF7PFuHUz3v7LScLI9OB8fmMbHMS9sUSTT1ryzu3OjYchye-J7ekD5BN-vFGSuDfd0-gkT3jQJBl2HMhtbGmLkZDtZhaGnrex0RWBLiYtgmoy6bk3utl0Kgq8lRPQtfBxiufbZBaFLk7RzHqH1nbTmaMytxixEu1s623RHlg21J_XBlZYIaTtS89CKJJEAK0lMPao8x5fn5k5isRmAeWxuDQqbJpLz2YrtwVJqLo7zXP8ohX3yB3BDfXKyZ1Hqk2POuvIz9OXmxpVCAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAWAB&bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame A74B 91 KB
23 KB 22ms
22ms Script
application/javascript 2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5920058
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: RxB-rP9Zu4dvARhangWBaqpHxmZzP3QoyLK1BlBTPyyqmiu73hjyTQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 199ms
199ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJBHY,pingTime:-3,time:68,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY9M+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C1911%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:181*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 198ms
198ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJBHZ,pingTime:-6,time:69,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY9M+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C1911%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:181*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&tpiLookup=ao:www.gaflaquiz.xyz*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 188ms
188ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJBIb,pingTime:-3,time:45,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:11%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:45,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY9M+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:11%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8C25 46 KB
13 KB 20ms
20ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 06:50:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65645
Connection: keep-alive
Content-Length: 13230
Expires: Wed, 29 Nov 2023 06:50:53 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 183ms
183ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJBIf,pingTime:-6,time:49,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY9M+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:11%7D&tpiLookup=ao:www.gaflaquiz.xyz*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7D21
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=gaflaquiz.xyz&sn=ChromeSyncframe&so=0&topUrl=www.gaflaquiz.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=AiSrrXxxdE1wQXcrL1FiMXF4dmtybWNJS3FKSERJbng4MjdUYmovd0JzQ0Nxb0t2dnRCNVhzZTJsajZNZnRJS05IU0RvNWFYWUpzcCt4bmQzU09Wbm56RnFtNDc3amt2ajM0RisvNngwa2JYeGF5Rnp0L3pZSVpNaHVqWE...

435 B
654 B

44ms
38ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AiSrrXxxdE1wQXcrL1FiMXF4dmtybWNJS3FKSERJbng4MjdUYmovd0JzQ0Nxb0t2dnRCNVhzZTJsajZNZnRJS05IU0RvNWFYWUpzcCt4bmQzU09Wbm56RnFtNDc3amt2ajM0RisvNngwa2JYeGF5Rnp0L3pZSVpNaHVqWE1sOWNuMjlqYnRodWJBaDNhYXJaYzIxdVRXMWtwd2hTNzBBbEdFSE5Sd0gxS2krdnVyTVVXdkE2SWV5VWZ5TGV5STRqZ3VGV0txTzVZT2JEdzl4ZjN6U2tkQUZTcWRzSStmdW1vK2k1bUUxZG13bjNsUmdFaHdoQjFSQ1p1VytIVHhJaXFYYU0rbTI5TjdsM0Fwd1dNRXR4NTdydHdpZz09fA&cppv=2

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

982dc96e90397a3544efc19af229d80621104098c016124a48415fdde5923da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1004712
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AiSrrXxxdE1wQXcrL1FiMXF4dmtybWNJS3FKSERJbng4MjdUYmovd0JzQ0Nxb0t2dnRCNVhzZTJsajZNZnRJS05IU0RvNWFYWUpzcCt4bmQzU09Wbm56RnFtNDc3amt2ajM0RisvNngwa2JYeGF5Rnp0L3pZSVpNaHVqWE1sOWNuMjlqYnRodWJBaDNhYXJaYzIxdVRXMWtwd2hTNzBBbEdFSE5Sd0gxS2krdnVyTVVXdkE2SWV5VWZ5TGV5STRqZ3VGV0txTzVZT2JEdzl4ZjN6U2tkQUZTcWRzSStmdW1vK2k1bUUxZG13bjNsUmdFaHdoQjFSQ1p1VytIVHhJaXFYYU0rbTI5TjdsM0Fwd1dNRXR4NTdydHdpZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 329619
content-length: 0
expires: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1885 38 KB
13 KB 25ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 245917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17864851622750576224/ Frame 1AE1 6 KB
2 KB 20ms
20ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca212a6d45038b16f7e2ee85414d0f67362985095eac9dc26a34e96d1ea529b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 95766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1847
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 10:00:42 GMT
expires: Tue, 26 Nov 2024 10:00:42 GMT
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B222 0
0 137ms
68ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEAolxyroOmsNweiJNVIf5jbx9VKvtOGJl14DGH1pDeWJsqQk-QZ-VkOt0X-9t5S2SfarEL1k4tXn1E-JQrqOPG7O5u8kfjlrhOIfjrd-gcXllhfcKhwtwDPAZ6WVFstM66xqzJIMjv8k5AcYxt09DUD6tAq9nx6KgZOyljjdqG5ocRNjHbrRkjohYNmIMu9ED3ibJtx5OhFeKojaB6JHEz2COR01tpRVlgMqOEG6R2CKriOQs-_pZy7wg7HX1RAl_H_P3lwxdlJF-GDm52Wy6MRKkCSpAf0Xve3nBJXFvTT4aJDtS3NZ--xMoKELjhs49oNHNiRxKrhALDc7EibLT_UfgP4732yDD2lIqlDSTHB0GZ6m5jXkdQw4NmuV3Q_ttqUpUPBfCF4YrjxQD_tDH11v1JYiMuuZoT2X1T-249M4yAkF1P2eq4bxACsxnuchYJAhfVGSg_weX0XR6kXscmiYxxAZdIgGYgCQrcs6qYLL8UaqAKaljdXd0a3K45KQCM5NiLYjUwKYv6uuYXd6sCtxesTOoC2GI1EakgMBkzyzIpF0jPCC1MsHqqW_ZvgtICDJp3kEYyK6tKJk7AnEnZSv8n2URSjo2GRq_Vux1vTUyJ_cFlTniXzBiGzSNavXxoRM-2npqvBoYKj1CvUMpNXmkv-eHrrSFQSlfy2Wf9Uq6WMQwtWg1k4VWIQZoQXI8tSideuZiZ-qrzkraMmNcB1GojYaDqLJaBhJl5wcEJEjHnP_F3c-FAbB2IEDyYAVA0GnjV7FNVZ4JFjOTPUEB3PCdHio_Y-9S193cGdo7cnUMsWgKCYHQnu0n0Huz8sKb50GvL4nKpt5sGU3EevUE6mAk3YWvqjGcw400Hksif3KUro0gS018977ujC2wLOyZskDd40Q6pDNqwt_eHbK1noNXHFmVncpfnDukE7g40Xea6mWCOSY9-hGQbzNtwm7fYrTjCe2DeKirizb3A4SD7Fgl56pGBSAbaesZ_c5zhb2VT12gKdVPWxW65VLx9PJEH_G6pjuMFTxqECZ09Wf1hS8GHwxEQ48bgsEIokrTZzRiRfTVpJj-jgkrOejcGpwLnx-PnIqkh_L8uddLxBfCOPz6CqO7bKkag6AbItYuh_m0qA0FWosV0gg4MNAJTTwq4jpsI8Q2UDZprmpMtfvv_5Wu01w060AlvfCmBbdMAXVmEYDBtqjpJZF8hthEtd5jAeOS4cHmZoUPF3_zla_ifVRVfFxlNPVFu7tuSYsuKh_JldDpVQvX7kbwh2-Ep0kHXQRHCMcU3NsrZuFa3wpzWy-8&sai=AMfl-YSaSOeECOB0873BJmsgxKETyBLNKmy-M5VuxlE9DTvTiIGAxRDccszFClom-gYQEHWcLfFPzQKlZc0P60QWARGQo633pTAF2RLaiPhttw5Fcy-FdIrWfWx7n6SVkTzJwuW-fyN3w3VrzruTI13RMWcXC5f3Q2QifX1j3rcvtyYoFXdMe9kcuH2ZFx2jz-z5g0AQcqATgI_xLhbaoY4px-BxQWQCCCW2tHqSOqErqlJrehsFw2AtbqoO_V-5U4q3Uro_OeF5M8kCGQPFc7yy5JSobHqqTc9eeRwjYPUW6w&sig=Cg0ArKJSzGeA-SLwoUdPEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=250&cbvp=1&cstd=249&cisv=r20231109.60358&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame EC18
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20496570232&bidurl=https://www.gaflaquiz.xy...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0i5lF3hSAHl6oTepNMf9plw&ias_xappb=&adContainerId=brand_safety_4N5lZb7xIK_H1PIP65eBqA8&cbFunctionName=goog_wrapCb_4N5lZb7xIK_H1PIP65eBqA8&true_pb=

1 KB
1 KB

19ms
19ms

Script
application/javascript

2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0i5lF3hSAHl6oTepNMf9plw&ias_xappb=&adContainerId=brand_safety_4N5lZb7xIK_H1PIP65eBqA8&cbFunctionName=goog_wrapCb_4N5lZb7xIK_H1PIP65eBqA8&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:12 GMT
x-amz-version-id: c7hCKBSAcCMflhCpaP6Ul5S2_C_IzKH4
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 529898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:10 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 1p_iiPK4_vVUjOCNAJZ5U90ro-gnm-Iq07dbDdCkVvyfYGAMVf2aDg==

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:48 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0i5lF3hSAHl6oTepNMf9plw&ias_xappb=&adContainerId=brand_safety_4N5lZb7xIK_H1PIP65eBqA8&cbFunctionName=goog_wrapCb_4N5lZb7xIK_H1PIP65eBqA8&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame CD7F 91 KB
23 KB 23ms
22ms Script
application/javascript 2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5920058
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: kL-InokN2SnD9NavS5FaprkvpSnTvLH2CRimk0nikI6NL700ILfRLw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 180ms
179ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJBJ0,pingTime:-2,time:132,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:547,beZ:547,mfA:549,cmA:550,inA:550,inZ:552,prA:552,prZ:557,si:561,poA:562,poZ:575,cmZ:575,mfZ:575,loA:615,loZ:617,ltA:678,ltZ:678%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B128~0%5D,as:%5B128~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C1911%7C1a.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:181*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:15,sinceFw:116,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 7883 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7883 71 KB
71 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BE29 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 245917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17864851622750576224/ Frame 1363 6 KB
2 KB 20ms
19ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca212a6d45038b16f7e2ee85414d0f67362985095eac9dc26a34e96d1ea529b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 95766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1847
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 10:00:42 GMT
expires: Tue, 26 Nov 2024 10:00:42 GMT
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC18 0
0 80ms
68ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrDp4MwVSyhWtblakdMVgaLAJpIDFHWg7M0lpgteZnfzqdopdfFYWXAJcxXSd9p6uMXW00lpRUfMzg-9smz0KXR3Q1yjwOHN4rEaQ4ivxH3QEQtZhbumv3WaUO7UjvKYQewzohLRwcULa-H4cNebRVRNzBCxYM8qDg_8shBoqAfUR0EmI9P4sChdVrqHBrB5XdhjCHpy2O5kMVHXVaMyWuRnPYmd0wjjdtaaOcp9x6zU984Z-OxRCnAgSOUePPhnH_Mn-o7BxTWneYT5kqxY7FHxLvstEQbh9R5NwJ8tyKga0D6qilccgIZFnFTQ_nrYpNUORrer3xGjh_1bSkes8K7gTsNoG_uGDheL8hAaygzx5Qa7ACdJhsVXUdaRYXVoIRmu_7GV0_-3eAWsaljhFrYukAWC1HCsMuCkWn7WNeB5BM0ZOmu-B14BEtmheKXZB2Kb4KxfufaYoKQtoymVfmqQdjRIZVNZZW0rkJYA_oJ6D-fH0FqOllY_bA65NWhFWxzX1ZZxvSgEP_aqYO8V-mC4rnb-XRlmzyTp83A34QbCQKBj6kpsNfq_hK-OcX1S5lAZi167FLwlh9mi2sUxPQZ73XFKqb4VsB1E-d-RjXcNU7ifO4Oss9NDbvR2peRfcNXr9KxrHHEXyZPmscnT-ibKZv9oY0bwMffnCmaaL-W_OOUv_cin9QpW58JC01QQ_3cj25PYZcA-2MJFZru8ECFR4iDO9kZtmpOaDSpqXDtave3SIMZx_Htsi6PilK31Q0KXan-8PN3yUATe-wkTbXqp_alysXX4ckC-GDQHFaf55pm1Dduppbz1zzYissMa-b-eGUTtRFeg3LMfu6cmOMirbq_1PtbBSoMTzzZa27LT4bbo2fkbJX-yoyaQ5HzLiBy8fN56l6CPyB058-PhxWSwme4nMr2VJhYn5AgHKXsHQk-PdAfeo4JzFIgLRaOpB-wXZD7SC3QLFoq6jFS_Xt7hiEKyfZxHRSMENDJdJHd6Ify_XVm1CiphRfuiO8VxXrrVnCHeuCzPyHEYsK2afIGN5x0oIcE0i06yL36Qmn8VQEwEd-FLku3_hUsz0iPYKPO7kHx2kw_qkXxIdYeXckbYt5zXCbaR549A8loIv5U5UuCGHXwhG1UffAyK2auhjdWTpuO4ScZMgoermKSC_7EFQNKYzlpGjv6aZmb4wfQpE8wNV6Ruq2L_C18yoZIjFGeIPAOxgWtpUKajWqYzRFVxXT6NQU0LduqfnCUwF6Lx8QJt70WdZkv1HRpC2IE7u4gGsX_o0VyMF_bhZ5aQ6XKx8V&sai=AMfl-YQX-ReMACxt0CHByaVBRyRVJce4YY5zow7EHRAuOy6ahJrCDZCjg6MlJ4WdtIhftaRQbByZz4vXb9TbXa31v7HTtVJ6B_1yhZloPPB_MVWY6GNpZa_83nKwJz5GP22n7a_juMNIIgqLu2K_tSTll-y0wUiS0kVDVdfDTwO1T5g-IrmAl7QlG64RB3dWM6Y1ZE1j00nW5jFkF8tjHq4Tvc0Fq0y7T9W4uY68Nn8OWIv1tJgzJCYxby5J81nwHxMTmx-i8u6lwze9AZYWz2N4LuE-JxlJtU6yCyNfO5j2kA&sig=Cg0ArKJSzD-KZIsjsnhfEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=250&cbvp=1&cstd=249&cisv=r20231109.23266&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8J9SC9WB3T

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afe86dc7b6b877e78e6a28769d2a463343d220cf1922c3a733a8bedd976895f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:36:49 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 107ms
107ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

GET
H3 200 vdo.player_2209.8.0.js Show response
a.vdo.ai/core/assets/ 722 KB
208 KB 540ms
540ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45efde479722891703327df01410cd0cef2f03c3c7abdbd501e2e4887a5fd052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 26 Oct 2023 11:17:17 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HlnApuvXHrn8%2FJOn0rrQjXYJmHmi1TOLlV3e%2F9%2F3CKm88Un6mPKe0Cdds%2FnoXEOopowsDiINrUZKoljCf3o29%2F4CkkTg4UManDLD9TcnMyx1yXfXX6Q%2FCn0ZaXsVDc5bG3%2BCDmSQA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 82d2a89f4baaaf61-NRT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v7.45.0.js Show response
a.vdo.ai/core/assets/ 523 KB
158 KB 281ms
281ms Script
application/javascript 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v7.45.0.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40f6594140fa5808113398ff89301fa113bdfed185aece5957b4bd738620968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Nov 2023 05:03:21 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wo%2Bbme1vHaWHf8KZtaw1W8K7a%2Fj33AJvHZjABiyx%2FfUhRsAGX2KGch%2B21QpQMJRrZPLYsBRuj7oSPQ%2B2bg378Pu9Lvz2rMmCVhr2DyDcjN%2BuF7uQYOFCWZaghrDuKCF8VC2lsPVpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 82d2a89f4babaf61-NRT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJBKD,pingTime:-2,time:197,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:629,beZ:629,mfA:631,cmA:632,inA:632,inZ:634,prA:634,prZ:637,si:640,poA:641,poZ:653,cmZ:653,mfZ:653,loA:678,loZ:679,ltA:825,ltZ:825%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:11%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:197,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B193~0%5D,as:%5B193~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:11,sinceFw:184,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 296A
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=97448700089785004444550012522008&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=

0
606 B

121ms
52ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6nBf395lZazHH8Cg998Ph5K-4AWm5b2gaYWVnKfJD_AuEAEgzf-HfGCVuqaCsAfIAQmpAgO3WWv6X7I-qAMByAObBKoE7AFP0ExO4ep_ejo3CNgmlxlt0jPFrozQw_9d8x3Jl7MmoIZneqS8_MpEu-bo4KgvmVidlbfabaf2jo6p77_sPD5xUOtAUpzrhvpsiB1djOGMgNy_Cz6H9gDaEb9njOUmdgMLMm2K41w6b822ORyT2_YJb84IWfnqxcktMQHljPgTcDTre8xF9L5LT3v9K9l3igydIr2n2wz5qyG54LNp1YaUs5nBBWPdXLL5l1L3jDo9utnT4Rbv3X7Dib-0t9A37rtaqdj1lVzniCRtJvvOx369EHJ4QJX1gpN1mWU4uiNmeZlEeb5eVH6awcF9KcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB%26sig%3DAOD64_24fUfVLbd7fF5gD1oHtqAYs_MNpA%26client%3Dca-pub-2462751652998210%26dbm_c%3DAKAmf-BxAiQs7zW-uW0agVvsgVJElD2gM07K3SLHODsjko4wycpOJoOSzAPiPaeh8u6JwgU4mgpl9gb4ibvrynHgCuwpPrYwo_vrcgvmsuzvR3kT0aDNkEzzc-LFe2wCsCUllEt1aVoikxIpvnx2if-Pd9Q4H2R4duHWdsWVvHYtb7_1qWxourY%26cry%3D1%26dbm_d%3DAKAmf-DGsPUCpKGZqG5b-GlsVXi4nudm4ibIJKXcg3KCptgQ5hcPHb12BlK-De3kqloylHqxIP3-8RtUECZk2V1rX05hVaCedo1xu0U3ex-DboypxtqTo4xYZD4BVRc6uULMfyFYf7fepDIZhkyHyf0JY3qQmUaWPKCUukjnUV0xLiJH1J1GR05GtIVbXn1Tc1VRpMLWTQ7xEhK61GeXXXacDNXoTUCLkY8C9ORxAsxzfMPJlE-W4Z6RE8FIZxxxwewswjh50lHyrBMmvClguV9lAMaN2dNiZ4rZN_lIOyCRjWfBPqXpm04ZC3Hlfvu4CxSWHJaQxfe0EGGo32fpWFDYBWq9lmFvP8LcW95Oh44SO9_uJkMjDWNLHDO48zuf0LyPCyG4klUQFcBmQerfiE1Vx-D21fFBX5ZtvO4QDkeZzvEDCzkP-SgXC3mfz7uJlIB2k2w3Q03k2pI03IKOKqkAFoBPgQis_KBRs3ZUAYHItzJgMTI_HBfBy7jVwpNh2HA-8IBTaQJn9U6MVtEk2w94tiafLYqqiSJMzzdQlNmaSM-YtRXD_WU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ancestorOrigins=https%3A%2F%2Fwww.gaflaquiz.xyz&random=8772794025753&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 12:36:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 28 Nov 2023 01:36:49 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript
date: Tue, 28 Nov 2023 12:36:49 GMT
host: pv.medialead.de
keep-alive: timeout=20
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=
proxy-host: pv.medialead.de
server: nginx/1.17.5
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: D972DA16:8DDC_91EFC182:01BB_6565DEE1_88AF855:1A42A

GET
H2 200 / Show response
adv.office-partner.de/ Frame 150E 930 B
923 B 96ms
28ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=5fc4a1bda9&subid=&uid=b28443de6e5a6079&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6nBf395lZazHH8Cg998Ph5K-4AWm5b2gaYWVnKfJD_AuEAEgzf-HfGCVuqaCsAfIAQmpAgO3WWv6X7I-qAMByAObBKoE7AFP0ExO4ep_ejo3CNgmlxlt0jPFrozQw_9d8x3Jl7MmoIZneqS8_MpEu-bo4KgvmVidlbfabaf2jo6p77_sPD5xUOtAUpzrhvpsiB1djOGMgNy_Cz6H9gDaEb9njOUmdgMLMm2K41w6b822ORyT2_YJb84IWfnqxcktMQHljPgTcDTre8xF9L5LT3v9K9l3igydIr2n2wz5qyG54LNp1YaUs5nBBWPdXLL5l1L3jDo9utnT4Rbv3X7Dib-0t9A37rtaqdj1lVzniCRtJvvOx369EHJ4QJX1gpN1mWU4uiNmeZlEeb5eVH6awcF9KcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNStIA2lharQ3kwaZfXmKkpk4Y7YeMIp5Y0-M5fPvfWIALHEMY3rtWktJTRaE7M4Ie9KST_TrZRbx3Y5KS2kg9QiduTG0VObnnORgB%26sig%3DAOD64_24fUfVLbd7fF5gD1oHtqAYs_MNpA%26client%3Dca-pub-2462751652998210%26dbm_c%3DAKAmf-BxAiQs7zW-uW0agVvsgVJElD2gM07K3SLHODsjko4wycpOJoOSzAPiPaeh8u6JwgU4mgpl9gb4ibvrynHgCuwpPrYwo_vrcgvmsuzvR3kT0aDNkEzzc-LFe2wCsCUllEt1aVoikxIpvnx2if-Pd9Q4H2R4duHWdsWVvHYtb7_1qWxourY%26cry%3D1%26dbm_d%3DAKAmf-DGsPUCpKGZqG5b-GlsVXi4nudm4ibIJKXcg3KCptgQ5hcPHb12BlK-De3kqloylHqxIP3-8RtUECZk2V1rX05hVaCedo1xu0U3ex-DboypxtqTo4xYZD4BVRc6uULMfyFYf7fepDIZhkyHyf0JY3qQmUaWPKCUukjnUV0xLiJH1J1GR05GtIVbXn1Tc1VRpMLWTQ7xEhK61GeXXXacDNXoTUCLkY8C9ORxAsxzfMPJlE-W4Z6RE8FIZxxxwewswjh50lHyrBMmvClguV9lAMaN2dNiZ4rZN_lIOyCRjWfBPqXpm04ZC3Hlfvu4CxSWHJaQxfe0EGGo32fpWFDYBWq9lmFvP8LcW95Oh44SO9_uJkMjDWNLHDO48zuf0LyPCyG4klUQFcBmQerfiE1Vx-D21fFBX5ZtvO4QDkeZzvEDCzkP-SgXC3mfz7uJlIB2k2w3Q03k2pI03IKOKqkAFoBPgQis_KBRs3ZUAYHItzJgMTI_HBfBy7jVwpNh2HA-8IBTaQJn9U6MVtEk2w94tiafLYqqiSJMzzdQlNmaSM-YtRXD_WU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ancestorOrigins=https%3A%2F%2Fwww.gaflaquiz.xyz&random=8772794025753&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 28 Nov 2023 12:36:49 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 05 Dec 2023 12:36:49 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2796
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=97448700089785004444550012522008&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=

0
90 B

56ms
56ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:48 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 28 Nov 2023 01:36:49 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 28 Nov 2023 12:36:49 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40027
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: D972DA16:8DF4_91EFC182:01BB_6565DEE1_8805F59:1E87A
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=97448700089785004444550012522008&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 2796 43 B
666 B 216ms
141ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=97448700089785004444550012522008&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: D972DA16:8DE4_91EFC182:01BB_6565DEE1_88B5FBB:1A429
x-iplb-instance: 40028
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2796 43 B
703 B 155ms
98ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=97448700089785004444550012522008&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 12:36:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 206 file.mp4
r5---sn-4g5e6nsy.c.2mdn.net/videoplayback/id/851adfda52cce245/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804748512/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame DFF1 1 MB
1 MB 46ms
21ms Media
video/mp4 2a00:1450:4001:64::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:64::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

11d8979e574565926525a6b71ef868c163eb760c566324365a11b3e72c8c2b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 28 Nov 2023 12:36:49 GMT
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1513495/1513496
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1513496
last-modified: Fri, 12 Aug 2022 10:34:35 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 53ms
53ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lpibodj5&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1135760%252F76105514%253Fmon%253D76105515%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xsid%253D%255BTIMESTAMP%255D%2526ias_dspID%253D3%2526ias_campId%253D1008772806%2526ias_pubId%253Dpub-2462751652998210%2526ias_chanId%253D1%2526ias_placementId%253D20509697656%2526bidurl%253Dhttps%253A%252F%252Fwww.gaflaquiz.xyz%252F%2526ias_dealId%253D%2526xsId%253DABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%2526ias_xappb%253D%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN7442.1972103DOUBLECLICKBIDMANAG%252FB30857687.379597277%25253Bsz%25253D0x0%25253BAUCTIONID%25253DABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%25253BEXCHANGEID%25253D1%25253BSELLERID%25253D916475631320%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fwww.gaflaquiz.xyz%252F%25253Bnel%25253D0%25253Fves%25253DdGltZXN0YW1wOiAxNzAxMTc1MDA4MjQ5CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdWd6aHdrVFRMb2hJQV8yUUNQUWNPLTk0SVdGazZXc0lmYlJjSUVEZ0Q4UlhPOXhPOTJtWWVnQjVGSUNpTUNnZmxEaXQ1WmRBd2VQVVh4ZXppaU5oY0lqemgzNXFYTEppdTQ2Qm9jcy1lNVJ5SkY5cVNVZU4wNGw4dUZ0OTJzdEgtR2tSbFhta3lqU0dRSjktQy1MdTFDLWs0NHJIaVZMaDBXWnVRR0IySmdycmUzMWgwRGxwZ2dwcW8xNFlGVlRxWGJEdExJMzhkTVphNl80T3ExMDlmdF9VWlFvMW40eVgzNFpQRl8wa3FXUTEzQ2RGTHVKaG15RlhaNnlJa1Z6ZGVDZ1JybzRjZWV5bHRhVWFkd2NJWDhESUxjbS1BY0VZWWxpTzZFLXFqd0E4TnVYdW1XTWVscXhuUkhvWUY3d20yTG4wUUcwOFNjQmVHbERCR1NDM3oxTmVGZWdDQ0xNMXBPM2NKeGRfTEk1QjhlbkNSeEFvYkdxU3l0dDJLR1VBVDlpVjJxOWVBVUtxdlo0dWN4Vkl3emlPNUZVWUxyWWFDbi1DQW1VbUd0LW1WWENTZkhTRkxEajUwclpCa3gwOHdNLVRQdktZTG9KX1hwbzNYU040dHNad0EyRFJNcEx4R1pqUzZBeUtiUlVYU2xVRUg4Y2Z4Vmx1dmVYcU92U2YxbE5tR1dIVDhDb3B3YVZqVkR5ajRaZ1pzdFE2WTFFWG9CcEZaZ0gzVVZWbGRLWVNwSUdtbHlLdEl5aHBjUDJaSDdxREFEYUtHbm9rMTlzejlGaVFHeHRRYjNWOE5yYTVuNmJTQml1M1Y5R3otcWhmZXJmWUZWVHM3WVFGRjROdXJDTUg3WWF0OWJCTGdFSDdXMUNkMk5NMGhVcnhWS1A5MDBOYTlvdHdtczVTMUZfbjQzcTJpejh0VTVsNFJ5cThURFd3V1c5bTI3QUpRTXN3VXVTVXhtTzZiay1rM1NkSW9XZ0paUEZlTnpVM2pfS3pnWklhZVpGbFlhY0N3VmlsTV9rNWFuUHRvOW9JRkJXVlNxVjVYamhXZVlGbVAtZmNhR0J2cENKSjRfV05ETzBWWFcwdTZBaW1hV2VJWmxmUDhyS2hQRHJSVld2RF9rTjg1TVpWT2FaZVhPZGNfbzFfby1CR3JweEYtTENBY1dqbjJTMXNGT0JvQTEwc2RFVjBrQ3gya3VCZEZWMTBuUjY0bTRDNXo4TUE2a2lUX1QzdFdLQ1pfNDVPVXNaMmtMN2IycXdfR3ptRi1DZnVoaER1TXFXaGtTdEc0SFhrM1R6bVZBY3dibTdCXzRRQzhTcnZzOEkycE1WQ3R5OS1NUHJCR1EzZFRxM19hSlRvc3V0ZmxqUWNybGZxTUl0VzlMd19Vai1lcHBwekVleWJMWlNUVWxwRTN0alZJY1hyVkRwTGUwLUNyZktyQnI2MXZyMXBTajlWN0p6aHhZbW9FSUFJYVFSUG14eVRGMW5BWHpzWEg2MElldjNobzM0TjlvTXFZZ3ppa0tNUlZ4TFJ0aFZpQXI3bWRnQ1hLcHMzM21LWEtpWnlfc2Q5ajdGLTRRQ2lGaTFWYlNkbkNmSlFjdThYYUxBWkZHa2NmdjRFMDFZMWlORUFrd1Q2My1GbUJXZGpGY1A4SjY4UHJTcmJHZUR1aGFZZGFUSTd0MkV5UDN0REJZR1ZTclFoU0dZNUxHc2lwLThqQjNYcGlkVzZUWkJaQjE4Tm56MEhHcUpvN3piV0JYQXFDTjZSbnZkVnQ5Nmp2Y0xxSnQzek1nZW5fUThRamdPb05OX0FQa2lRS3dLVEkmc2FpPUFNZmwtWVNFS0VsUFBGLVhobzRMVXpOTGU5eGNPc09kUDNLX1NkeTZsbWF6Nnk4T0hpb3hITTdtaGZBc2UwQVFkajRmc2lIYWxBWTlRY3RZVHFzdzdDX0s5Q25FTi1la3c4YUx5MTk1Q0xSWC1JU1dDQ210a0Etemo5V2xhbzFhRnlXb1lJbHhFN3FqTGxkZEVHWkJ5S2hSWVJMT2xVeHBZM0ltSEloOE5lLUpFbmxseUptM1B4V2RtbVFhbjJoNzVYbTVzR09FRXc1U29rRGhtejhVTEJ5SDZJY1RNMlgxUVhRb252SXVDTjl1RlYxQVYtMWVZZ0UwNFRYSDA2VXVhWmhQVWxZVURHNFBMWGswZHVrWUpfb0xTZHN5NHZHT2VjTGhEUHNUSWcyV3ZSb0N0VkJmZTl2T1FhMnd4VGF3OFJuT2VjRjg5b3hOWHVwZlN5cTImc2lnPUNnMEFyS0pTekdDOUxKRlVrYkJhRUFFJmNyeT0xJmZic19hZWlkPSU1Qmd3X2Zic2FlaWQlNUQmdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuY2lzY28uY29tL2MvZGVfZGUvcHJvZHVjdHMvc2VjdXJpdHkvZmlyZXdhbGxzL2dldC1zdGFydGVkLmh0bWwlM0ZDQ0lEJTNEY2MwMDMwNTMlMjZPSUQlM0R0cmxzYzAyNzA1NCUyNkRUSUQlM0RwZGlwcmcwMDAwMDElMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%252526dc_cid%25253D203224912%252526dc_adid%25253D570667618&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJBKV,pingTime:-3,time:155,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:155,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B151~0%5D,as:%5B151~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkYbk+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 184ms
184ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJBKW,pingTime:-6,time:156,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:156,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B152~0%5D,as:%5B152~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkYbk+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e,idMap:191*,rmeas:1,rend:0,renddet:IMG.us,siq:20%7D&tpiLookup=ao:www.gaflaquiz.xyz*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17864851622750576224/css/ Frame 1AE1 5 KB
2 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 1AE1 70 KB
25 KB 77ms
33ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1654957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLV8j749X4L5KhvSjnyPQKQQT5p6wTL3N4pZ%2FXPRZu5bgeAHiSVZ2T9ZmZ2rrOnuwYiRYaNcSNI6MtI6xdohm78t7JmkCLd1Oa4Zse4CNjQUDSQrwgVG%2FY%2FxVte3lgAbp%2BIWmpwdRsSblSlgkHiCuNAp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d2a89efdf19b8f-FRA
expires: Sun, 17 Nov 2024 12:36:49 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 1AE1 7 KB
4 KB 71ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqSIY9GPw2%2BMB8v9uLlG8%2BrGMTU5eKonSiAjABxiw13lxlObDB3WF6obaqflkrrDmIW3ErF%2BpyllAxvywDyZ6OGpQ44IM4aNGfoVDgByyHnYZ363lgfmKUvDdgmdecE16SJr8njjU1Q8SPZetSPlQCkd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d2a89efded9b8f-FRA
expires: Sun, 17 Nov 2024 12:36:49 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 2 KB
800 B 21ms
21ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 13 KB
4 KB 21ms
21ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson-v15s-submarine-stack.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3980
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 31 KB
31 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31326
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 21 KB
21 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21613
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 25 KB
25 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25605
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 30 KB
30 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30924
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 192 B
190 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17864851622750576224/script/ Frame 1AE1 4 KB
973 B 22ms
22ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2DDD 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 245918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame FE2C 0
0 62ms
62ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssvVs-l-PFGMw59PH3jGwuq9bmzBlRuzYMuGLqs1k0z-0N2cv-7tUESAqfDJCQMEPSP5anXFOBCWJP_4h8Sgyj64eOrABU7FvEItk9gGt3fL4AL4WRRIVRxrtnF8wP4v6eIjVQBTTBg8N5vAYN1dwOcEhhfFDEydxsHwMQcfOS48guK8V1YZpF5geRlP38TQIwxeeqstQebsyv7Lsvve1gZtELRrpxaIv4z&sai=AMfl-YT-CebvWtJogRB1T-wnXL1nfW4XVzAELGx9rRCNIJNmywTCKYF_UK_xi69YbQEjFrczV3JhNLtP7qP46UcCjC8mW5icEy2da1izEpe6-X33xGTvVHGDGgNwZvqCnHYd1QMMCevzorzefeKWQeNpUg5tk_A&sig=Cg0ArKJSzBqtiXlNYX71EAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=545&vt=11&dtpt=308&dett=3&cstd=236&cisv=r20231109.90224&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17864851622750576224/css/ Frame 1363 5 KB
2 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 1363 70 KB
25 KB 55ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1654957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBsV9JEtFxkjMhPFZXpvTZPKAI5v04tRoJ8EdVwyTLT1J8%2FY%2F4DFkXyjZ8Ks7czqz3UCamRigG5PmZzApgwigyrfKhX3GOe6PsP%2BNtCOHSwGiNfWvsJXItq%2B5634anOkBpSu2e8x3JUEpXGMx6aEAX7I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d2a89efdf49b8f-FRA
expires: Sun, 17 Nov 2024 12:36:49 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 1363 7 KB
4 KB 56ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R09VjRBb%2BLdfc2rfz6RCU7NsSMlIpk4SE9CGjJFOvmsoQMGRgMFnjbCDtgAzRNS5y4Y8R9ah9vndF%2Bsbn3dDVhSWEfrZ2S1ghIIJ3batsttH%2FokqTantyxoYGF5zaR10ox3f0TB%2BOyf395GzaACZ%2B8P7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d2a89efdf59b8f-FRA
expires: Sun, 17 Nov 2024 12:36:49 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 2 KB
800 B 22ms
22ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 13 KB
4 KB 20ms
20ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson-v15s-submarine-stack.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3980
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 31 KB
31 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31326
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 21 KB
21 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21613
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 25 KB
25 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25605
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 30 KB
30 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30924
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 192 B
190 B 22ms
21ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17864851622750576224/script/ Frame 1363 4 KB
973 B 22ms
22ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 10:00:42 GMT

GET
BLOB 206
Partial Content de788dfb-bc36-463a-a97c-20752d12e613
https://www.gaflaquiz.xyz/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gaflaquiz.xyz/de788dfb-bc36-463a-a97c-20752d12e613
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 35ms
35ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/148355_465/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 52185ea0de4fc3b9a693955c5e065bbe.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: CPH50-C2
age: 1379384
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-cph2320052-CPH
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1701175009.121605,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: CXF8SJp2F_zuvYhte6eFDCfAo7przwk475Djruyf4Eose4Vzvc2xjQ==
x-cache-hits: 128338

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.7/ 437 KB
82 KB 42ms
42ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.7/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/148355_465/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8f504076812628732919c2046c8a7c90759fa92c4a06b82c823219c6b42dab99

Request headers

Referer: https://www.gaflaquiz.xyz/
Origin: https://www.gaflaquiz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime: 1700992860
date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: XH4Z3ZR113B9CZKM
age: 182097
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1700992873
x-amz-meta-mode: 33188
content-length: 83165
x-amz-id-2: 01/7Sk8O361hK3WwIRlAZbFR13bXo0yLRl9qjllhOu9E46LCyL7CssB/woc/FnD2PT41/uOBrIs=
x-served-by: cache-cph2320058-CPH
last-modified: Sun, 26 Nov 2023 10:01:14 GMT
server: AmazonS3-br
x-timer: S1701175009.136032,VS0,VE0
etag: "70689184fb612750758a3d367ad051b1"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 33999

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 9122 577 B
662 B 30ms
29ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/148355_465/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e64d5a72c7287c3d1112bcd246cf4f69c3be3f6eb5c6685b1cd63732e2acd38d

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 28 Nov 2023 12:36:49 GMT
machineid: 3402
server: nginx

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 42ms
41ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-mtime: 1498646328
date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 de5c91e6083c20494d32dc8ebe4b652c.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: CPH50-C2
age: 2032563
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-cph2320052-CPH
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1701175009.145363,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: qy8zF6Js7uYXFX_x1ayI3rrnC9FBUQV25EHFnyEGuCumVSxXAm0gaA==
x-cache-hits: 62586

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
1022 B 41ms
40ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 387d417a3f5a5743442b1fcff6eeff24.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: CPH50-C2
age: 2032562
x-cache: Hit from cloudfront, HIT
content-length: 701
x-served-by: cache-cph2320052-CPH
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1701175009.145356,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: n-_tEzK8LzY6703JQj0NaC6OhmGKk4KIkuV2UB5Wmx7VPBHxDCmYmg==
x-cache-hits: 58856

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
1 KB 42ms
41ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 4b9325465b369de0e96cbaa528af33e0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: CPH50-C2
age: 2032562
x-cache: Hit from cloudfront, HIT
content-length: 709
x-served-by: cache-cph2320052-CPH
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1701175009.145343,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: v8cjR5uLgK1h-GvDyJrDbyyn3i3fqohMByLMFMWAEQ48Em6MQ9WfCg==
x-cache-hits: 59061

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
879 B 41ms
40ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 8090b3305631d47aedbe1f9d2965b238.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: CPH50-C2
age: 2032582
x-cache: Hit from cloudfront, HIT
content-length: 634
x-served-by: cache-cph2320052-CPH
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1701175009.145336,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9cfbxYvvw3FsBEv3zZCHL8Z81RxB27Ila4DFXideL1Pc4UckzmI4Hg==
x-cache-hits: 58822

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
920 B 41ms
41ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 8090b3305631d47aedbe1f9d2965b238.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: CPH50-C2
age: 2032584
x-cache: Hit from cloudfront, HIT
content-length: 660
x-served-by: cache-cph2320052-CPH
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1701175009.145320,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: _g05DD5lj_Gd8HNWdp2rTaF8IxD27mpdsNnmK3g1voWGl9BGqnlKIg==
x-cache-hits: 58769

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 29ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&cmcv=&pix=31579697&cb=1701175009129&uv=148355465&tms=1701175009129&su=&abt=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&ft=0&unm=SLIDER_INSTREAM&
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 8C25 7 B
380 B 101ms
22ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJBM7,pingTime:-2,time:229,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:632,beZ:633,mfA:635,cmA:635,inA:635,inZ:637,prA:637,prZ:648,si:652,poA:652,poZ:664,cmZ:664,mfZ:664,loA:788,loZ:790,ltA:861,ltZ:861%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:229,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B225~0%5D,as:%5B225~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e,idMap:191*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:20,sinceFw:209,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 41ms
35ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:49 GMT
x-amz-request-id: YZCPSNTYZ5MEG6Q8
age: 86
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: pV29kaUOxwpk47v63jH6/LF7MQAmPI+KIB2yrOMhmHhnI8tpXB+kh5ig//KqOp4Xg6WaaXtObAs=
x-served-by: cache-cph2320052-CPH
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1701175009.155594,VS0,VE0
etag: "11d8569a7da0739259e3ac0b0d666e94"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 43
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 7

GET
H3 200 LogoLockup_Horz_RGB_white.png
s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame 7883 909 B
936 B 28ms
28ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/LogoLockup_Horz_RGB_white.png?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee87275e5e3f2a00a19c7849c5a6345b06315dee49212e9933ed4932ae4a281e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 07:43:27 GMT
x-content-type-options: nosniff
age: 104002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 909
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:43:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 07:43:27 GMT

GET
H3 200 TI-Networking-and-Security-Convergence-Overview.jpeg
s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame 7883 45 KB
45 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/TI-Networking-and-Security-Convergence-Overview.jpeg?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e360172b946b9dc3ddd890cea4e19f086f7b53e8b2a1f0ea3d8424c9e1b53998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 07:43:27 GMT
x-content-type-options: nosniff
age: 104002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46097
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:43:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 07:43:27 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F1C 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 36ms
35ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.gaflaquiz.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 8c1689d985cebe3591673210a2254e9e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: CPH50-C2
age: 2116617
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-cph2320052-CPH
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1701175009.181209,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: l9FWBpaPgO7-k87FStAUFfwM3XLG4r5Cww-LlFCzVuRErtS5gvG8XQ==
x-cache-hits: 283091

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7D02 0
176 B 84ms
29ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 28 Nov 2023 12:36:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F95E 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:48 GMT
expires: Wed, 27 Nov 2024 12:36:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9122 70 B
148 B 45ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9122 43 B
425 B 50ms
49ms Image
image/gif 2a05:d018:d29:3602:d09c:564c:cd27:b30c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d09c:564c:cd27:b30c Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

POST
H2 204 bulk Show response
trc.taboola.com/secretmessage-gaflaquiz/log/3/ 0
368 B 53ms
53ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/secretmessage-gaflaquiz/log/3/bulk?tvi48=10143&tvi50=9864&route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231128-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 13901
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-cph2320052-CPH
pragma: no-cache
server: nginx
x-timer: S1701175009.238775,VS0,VE17
content-type: image/gif
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 LogoLockup_Horz_RGB_white.png
s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame 7883 909 B
936 B 21ms
20ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/LogoLockup_Horz_RGB_white.png?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee87275e5e3f2a00a19c7849c5a6345b06315dee49212e9933ed4932ae4a281e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 07:43:27 GMT
x-content-type-options: nosniff
age: 104002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 909
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:43:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 07:43:27 GMT

GET
H3 200 TI-Networking-and-Security-Convergence-Overview.jpeg
s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/ Frame 7883 45 KB
45 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e360172b946b9dc3ddd890cea4e19f086f7b53e8b2a1f0ea3d8424c9e1b53998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12423164755422187804/EMEA-DEU_XA-09_0_300x250_BAN-A_HTML5_TOFU-no-Networking%20and%20Security%20Convergence%20Overview_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 07:43:27 GMT
x-content-type-options: nosniff
age: 104002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46097
x-xss-protection: 0
last-modified: Tue, 09 May 2023 05:43:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 07:43:27 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1885 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DBBD 111 KB
39 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame DBBD 11 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJr780us6GiQHn7XoP8883QrvA3a0XEMPrISgXsOk1VkA5cyRKJFvR1pa3_FP-6m0-uuQUH1MA6d7CX2LklkgEFctRytje9PNqv0S-RQAoCZ_4IS4swLXd3Ux4SkRcqkBtST-Xjy1F8J7bUApgq5ks4ONKwv8pLMPR2VaCqqjxXFZbatN2RVsAxC8Y9GsILnh88c94ti1eIxAlSavyhiXJekuNgGTDwBlPMAZbOwAKFALORptuy0jKXcA0t-dlgRMo1LUPRGJs70n3uxIDDH0JiFcTiQPUslnyKaOPDsZSwxv-cE5Uw6nxqM8uU7AtJZyMAqyC2C6PtkH762eTr5CN9SbTuREXkWxl6W04VugfJeZ_Kh2bbels9KkDVgiEmw8Kz7CqWGcnoC-v-3WAkuqNMn7nQTKNj2jjXTavlLn6bEfNwnEXStxRIqHkUN9461Xab0smOwqpnNRT7ErwAlNRhjjNoF5jx3y320HyScFumiXX7wrhdaAfznsl2mA8DmzNlfkKwDpQ1L_d7A3q8N3o9jHbBxEvobQQK1k7qQVX3GCQY2Z0W0uRep5vITqeQW3X4g79pmZYZ1K5UhY8QgsKVDyFBUoyLTG_xrK4exwrL78Z2wNzyOw2upBjgFm8U-toq8D-uX3468hv9qNM98I14xaNVLIEkS5Z_8z98NW3xLYQo5B_ARAojnUnBoXQl_YtZCr2tCGD70owug49UH9pg_e4YsxyJuajPm_39WMb2H7tlVZ9y6-wmqrNqhcE19GRWC8RtBhCLy03UUzy1yOLV3NOf8K-I40Z_1VaAGQ70PuUVoefKIWQgtOlYMlkoAb3DTBJWd8lidXKrhLLABMGzqrNLKks2niNrR_wuh_0FbjGoNT3n_rwFt_15lx_gC_4TvdvDpru9iVUf11_9M4xPbIKbEqxb5PrMdmdQS9e8FEYHVobNLFOIfXzcoCu8K_gTJiXUeMK_jbiSZGQs8MyNeQeePFguBPryPVUXebZSmZZcF7JSzvkWdpHOiJ6b5IqDwpdBU9NtKaXZWtHjK7Os4rU3oa9UGIDFUGCj1IbpxT_e9uSXlgXF4Fr_FT56GSdmho10byjZiPgIZAPyL97OflF0fp5edvG0mkoArVSsyyPo8tGlTpwiFWM7zSEkboVTbvTz9d5tIwMlPQ3jjg8IfMzKqXOEeumlKQNezmjawD4FLptZidvRA34DOAfIZLrkcb8IskCG1MnxXcjKFdZ1P2PaYIf4FiPuB1hc1z2v8GA_WvaYwyJmyNJ7wOXab2T4Nk1QsBSgsiy1erbrb-0YvFl8wv4Ba9uZmB1-PCWB9kr-2nNqEU8BiLkjr9pHGerVdFfV3_T-yMIgNk8Vwx6sEj_yEVHsxA210Q8uksB2Gr1PPot4NLB2UqcWDVScU08-6nL5hnjlki8xoN5Q_kQzfI0w9HYSmmg9Iwk4w4-5UFtVQGTqwOPbzwMs4QZ7i3gfydRqRRLwd51tyLRc0nkATiDQFZHOJDN3xIRkIGFs5u3zJtCGjTTJyZ1fAKpn59j34tptj5DOdPmFZfRFKeqY7QDRm7AS9dsoe6do0c2Odr34ZeK1JgAxgTPagVfixq0F0iJZJLvlK_FgfjkYozu4jILjGo1v7CaGoTdPOgDyIJFWY7HW5Mn80gqeM8aJNSuuwUh5RyeaQ_f_J6EM1z9WV6U_gjvZw6tm4HKKgmW3s-OiLHUTg5p0LD_AcgOuL6itqPwzCJjwdVDhCKf6WDZ9MxVNeYQJh1mjO3h8K021qHJRD3rc0_dTcG8hvPjjjCFhtmv5c-ojVKGmlB2Fyv7tE-pEb6aKqIcOw2ppV67VW4wHPl4CBvG9xBluXUzBw2iVmkNX5mf1D6hs1v6LF2HdaVEzhfQuTgYeg6DwAD5R_uxcyYpYZfkHbbKaRdbtwKX5ZS0vy_x8CFD7iclaHLwTtgHp2vSvaJkBiFEpkej5E0VlJlg7u_8x48UVMeV0JY6-0PfFg_dNTzQhHkbDn7viKL2IdY7nW-5DOkRpPvf-Ka0lKMVnNzS_9-3x8bnAFLcEiTHUjWZC30AvXEzojbZwi1djCdG0FUUeUyWqMf5Dt-ffIcpbUR5SFXy_EKTfRtJvAqYrXK_5-anAHf6rMGksNrYNL5WJfav7ZBPW-8RmC-driP6HdnP834fTydmC89C4ZR5VEl5tvW2L-X7FtLMGASiVJsTnAMwJNOMHRmz33x7Ex7CGvlq8kfxRXwcEio_sUU4adyPsMs-3uuZjGQNSMPeDSDoX5nJ6U92NiEV5W-S8yua62ddlo4QAS2mGcqo0tJYeOQq2TJ3jYU7Drp4D6DKP5CTX9KM8T0UfpvCCbKfxKVZa4shkS_HRT3sZC1jSM_sbLLXhN95QZhoH7HvHv9gLsz5GVQHd6R4NLOqIBKcicT206AgzDqnnNv_wVjd9yjmzPmC05aNa9aqYPPCOrtjwFlkomqqsegs-zdLxBjCssP9rN3RLQshjuZ9DvQzZdjQf6HJmftGz7sRNXOeAyaUm1JP-iqZBr3aIOu6rwETW1Ck5dwcE8HXr3sgzX6W50kZN_pf0zTYOUBxtN-5QZyTlGVyj8O_fIVyMa-AF19tOaMqX3LSxj0U0QZ8LHW1tc9TBydowsjq04_tc3XGG72HYRAjl-ps5lYvu9alDcaxxvpgiaTWuTCF99QbXuO-Fsdp01sl_pbXMUUZV2UAAjIPKFSsoO-LVLzW0K9Z841Zolh538oNxFsdLXH1HUmHuJpcHlGsp1OrbA9zMAGU4TgyS3gV3qo6e0T6vkLhsMmZYq-YY-Y8wEcExDHtbyomYOzw9hXfvirrOBQZfPZrjWKdojEbK2yCaDocb0H36uxwaw7PJz4yeBidSSkC2GNQIJkUtg4CoYMiiMDH458Ryn9jO9UuWhic0jbSdgAg83Wnf4MKIdE0TL5h3O_m65PYYfTysxatFKrzjrgQL5mjxKYKnU1SyrYDDfp8E2pTfPHXoh_oDPR0iqx3aNvBAtlGKp9GH5-iWj_abwFE8kNcjoUs6sgAjE-K5Ooz2w_mzsiUWVyDJTH4QqaevyhaXQW9b6Xq_XRauBAaV3qdBOvUiVKqIp5Nujb3ZWifFCuR8i9JIjiOyYM30rthQlSXxm5KimTPQqF9WsJLoYhrTWBCqyQpS992BOLoQCtMkkQEEmcgIn64yl_nL5qhd_MTHeoHcm3y-nELAh6HWm2yLJl664MzxoAAFTrAsLVMki6UVHLw0WNSAvMHemHvg0epuFYNcQl_2aiH6W3ALLXqeFnAll4PcZCHjOpPy6WZPKrVjWh89Gnfe1HnviIgjN-mxtXT1ifoghK0ZKqSMOxRccaJol3eCRQXxOPdxfvnd5eLdS8kDh9lRh-e_RUV7OhCdnmO53U7VcguOLJSQkpRqhtF7PFuHUz3v7LScLI9OB8fmMbHMS9sUSTT1ryzu3OjYchye-J7ekD5BN-vFGSuDfd0-gkT3jQJBl2HMhtbGmLkZDtZhaGnrex0RWBLiYtgmoy6bk3utl0Kgq8lRPQtfBxiufbZBaFLk7RzHqH1nbTmaMytxixEu1s623RHlg21J_XBlZYIaTtS89CKJJEAK0lMPao8x5fn5k5isRmAeWxuDQqbJpLz2YrtwVJqLo7zXP8ohX3yB3BDfXKyZ1Hqk2POuvIz9OXmxpVCAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20118583893&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j4hKyIZQMFukRnnKf2yOPo&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-2462751652998210%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D3&adsafe_type=d&adsafe_jsinfo=,id:62812222-5cbf-a13c-ad81-c9484364997d,c:vgJBHD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-twwz5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tWUkYam+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:1a*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:11,oid:cc36c851-8dea-11ee-ac8a-2ef4c4763ddc,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame DBBD 31 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103297/xbbe/creative/adj?p=APEucNWeGIYUrziJdMiOe2DejPKfxOYFRkfknzdL8iWDZcUCCrzjlRk&d=CokBAKAmf-DtzMldpy87XEPbzUA24Z8yRZv5YTqNhWUwioUz7b32auoPB6BcuBFjLKFJtde-dVslrvWxA6jV_ViBJr780us6GiQHn7XoP8883QrvA3a0XEMPrISgXsOk1VkA5cyRKJFvR1pa3_FP-6m0-uuQUH1MA6d7CX2LklkgEFctRytje9PNqv0S-RQAoCZ_4IS4swLXd3Ux4SkRcqkBtST-Xjy1F8J7bUApgq5ks4ONKwv8pLMPR2VaCqqjxXFZbatN2RVsAxC8Y9GsILnh88c94ti1eIxAlSavyhiXJekuNgGTDwBlPMAZbOwAKFALORptuy0jKXcA0t-dlgRMo1LUPRGJs70n3uxIDDH0JiFcTiQPUslnyKaOPDsZSwxv-cE5Uw6nxqM8uU7AtJZyMAqyC2C6PtkH762eTr5CN9SbTuREXkWxl6W04VugfJeZ_Kh2bbels9KkDVgiEmw8Kz7CqWGcnoC-v-3WAkuqNMn7nQTKNj2jjXTavlLn6bEfNwnEXStxRIqHkUN9461Xab0smOwqpnNRT7ErwAlNRhjjNoF5jx3y320HyScFumiXX7wrhdaAfznsl2mA8DmzNlfkKwDpQ1L_d7A3q8N3o9jHbBxEvobQQK1k7qQVX3GCQY2Z0W0uRep5vITqeQW3X4g79pmZYZ1K5UhY8QgsKVDyFBUoyLTG_xrK4exwrL78Z2wNzyOw2upBjgFm8U-toq8D-uX3468hv9qNM98I14xaNVLIEkS5Z_8z98NW3xLYQo5B_ARAojnUnBoXQl_YtZCr2tCGD70owug49UH9pg_e4YsxyJuajPm_39WMb2H7tlVZ9y6-wmqrNqhcE19GRWC8RtBhCLy03UUzy1yOLV3NOf8K-I40Z_1VaAGQ70PuUVoefKIWQgtOlYMlkoAb3DTBJWd8lidXKrhLLABMGzqrNLKks2niNrR_wuh_0FbjGoNT3n_rwFt_15lx_gC_4TvdvDpru9iVUf11_9M4xPbIKbEqxb5PrMdmdQS9e8FEYHVobNLFOIfXzcoCu8K_gTJiXUeMK_jbiSZGQs8MyNeQeePFguBPryPVUXebZSmZZcF7JSzvkWdpHOiJ6b5IqDwpdBU9NtKaXZWtHjK7Os4rU3oa9UGIDFUGCj1IbpxT_e9uSXlgXF4Fr_FT56GSdmho10byjZiPgIZAPyL97OflF0fp5edvG0mkoArVSsyyPo8tGlTpwiFWM7zSEkboVTbvTz9d5tIwMlPQ3jjg8IfMzKqXOEeumlKQNezmjawD4FLptZidvRA34DOAfIZLrkcb8IskCG1MnxXcjKFdZ1P2PaYIf4FiPuB1hc1z2v8GA_WvaYwyJmyNJ7wOXab2T4Nk1QsBSgsiy1erbrb-0YvFl8wv4Ba9uZmB1-PCWB9kr-2nNqEU8BiLkjr9pHGerVdFfV3_T-yMIgNk8Vwx6sEj_yEVHsxA210Q8uksB2Gr1PPot4NLB2UqcWDVScU08-6nL5hnjlki8xoN5Q_kQzfI0w9HYSmmg9Iwk4w4-5UFtVQGTqwOPbzwMs4QZ7i3gfydRqRRLwd51tyLRc0nkATiDQFZHOJDN3xIRkIGFs5u3zJtCGjTTJyZ1fAKpn59j34tptj5DOdPmFZfRFKeqY7QDRm7AS9dsoe6do0c2Odr34ZeK1JgAxgTPagVfixq0F0iJZJLvlK_FgfjkYozu4jILjGo1v7CaGoTdPOgDyIJFWY7HW5Mn80gqeM8aJNSuuwUh5RyeaQ_f_J6EM1z9WV6U_gjvZw6tm4HKKgmW3s-OiLHUTg5p0LD_AcgOuL6itqPwzCJjwdVDhCKf6WDZ9MxVNeYQJh1mjO3h8K021qHJRD3rc0_dTcG8hvPjjjCFhtmv5c-ojVKGmlB2Fyv7tE-pEb6aKqIcOw2ppV67VW4wHPl4CBvG9xBluXUzBw2iVmkNX5mf1D6hs1v6LF2HdaVEzhfQuTgYeg6DwAD5R_uxcyYpYZfkHbbKaRdbtwKX5ZS0vy_x8CFD7iclaHLwTtgHp2vSvaJkBiFEpkej5E0VlJlg7u_8x48UVMeV0JY6-0PfFg_dNTzQhHkbDn7viKL2IdY7nW-5DOkRpPvf-Ka0lKMVnNzS_9-3x8bnAFLcEiTHUjWZC30AvXEzojbZwi1djCdG0FUUeUyWqMf5Dt-ffIcpbUR5SFXy_EKTfRtJvAqYrXK_5-anAHf6rMGksNrYNL5WJfav7ZBPW-8RmC-driP6HdnP834fTydmC89C4ZR5VEl5tvW2L-X7FtLMGASiVJsTnAMwJNOMHRmz33x7Ex7CGvlq8kfxRXwcEio_sUU4adyPsMs-3uuZjGQNSMPeDSDoX5nJ6U92NiEV5W-S8yua62ddlo4QAS2mGcqo0tJYeOQq2TJ3jYU7Drp4D6DKP5CTX9KM8T0UfpvCCbKfxKVZa4shkS_HRT3sZC1jSM_sbLLXhN95QZhoH7HvHv9gLsz5GVQHd6R4NLOqIBKcicT206AgzDqnnNv_wVjd9yjmzPmC05aNa9aqYPPCOrtjwFlkomqqsegs-zdLxBjCssP9rN3RLQshjuZ9DvQzZdjQf6HJmftGz7sRNXOeAyaUm1JP-iqZBr3aIOu6rwETW1Ck5dwcE8HXr3sgzX6W50kZN_pf0zTYOUBxtN-5QZyTlGVyj8O_fIVyMa-AF19tOaMqX3LSxj0U0QZ8LHW1tc9TBydowsjq04_tc3XGG72HYRAjl-ps5lYvu9alDcaxxvpgiaTWuTCF99QbXuO-Fsdp01sl_pbXMUUZV2UAAjIPKFSsoO-LVLzW0K9Z841Zolh538oNxFsdLXH1HUmHuJpcHlGsp1OrbA9zMAGU4TgyS3gV3qo6e0T6vkLhsMmZYq-YY-Y8wEcExDHtbyomYOzw9hXfvirrOBQZfPZrjWKdojEbK2yCaDocb0H36uxwaw7PJz4yeBidSSkC2GNQIJkUtg4CoYMiiMDH458Ryn9jO9UuWhic0jbSdgAg83Wnf4MKIdE0TL5h3O_m65PYYfTysxatFKrzjrgQL5mjxKYKnU1SyrYDDfp8E2pTfPHXoh_oDPR0iqx3aNvBAtlGKp9GH5-iWj_abwFE8kNcjoUs6sgAjE-K5Ooz2w_mzsiUWVyDJTH4QqaevyhaXQW9b6Xq_XRauBAaV3qdBOvUiVKqIp5Nujb3ZWifFCuR8i9JIjiOyYM30rthQlSXxm5KimTPQqF9WsJLoYhrTWBCqyQpS992BOLoQCtMkkQEEmcgIn64yl_nL5qhd_MTHeoHcm3y-nELAh6HWm2yLJl664MzxoAAFTrAsLVMki6UVHLw0WNSAvMHemHvg0epuFYNcQl_2aiH6W3ALLXqeFnAll4PcZCHjOpPy6WZPKrVjWh89Gnfe1HnviIgjN-mxtXT1ifoghK0ZKqSMOxRccaJol3eCRQXxOPdxfvnd5eLdS8kDh9lRh-e_RUV7OhCdnmO53U7VcguOLJSQkpRqhtF7PFuHUz3v7LScLI9OB8fmMbHMS9sUSTT1ryzu3OjYchye-J7ekD5BN-vFGSuDfd0-gkT3jQJBl2HMhtbGmLkZDtZhaGnrex0RWBLiYtgmoy6bk3utl0Kgq8lRPQtfBxiufbZBaFLk7RzHqH1nbTmaMytxixEu1s623RHlg21J_XBlZYIaTtS89CKJJEAK0lMPao8x5fn5k5isRmAeWxuDQqbJpLz2YrtwVJqLo7zXP8ohX3yB3BDfXKyZ1Hqk2POuvIz9OXmxpVCAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAWAB&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2462751652998210&ias_chanId=1&ias_placementId=20118583893&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j4hKyIZQMFukRnnKf2yOPo&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-2462751652998210%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D3&adsafe_type=d&adsafe_jsinfo=,id:62812222-5cbf-a13c-ad81-c9484364997d,c:vgJBHD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-twwz5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tWUkYam+11%7C121%7C1221%7C131%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:1a*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:11,oid:cc36c851-8dea-11ee-ac8a-2ef4c4763ddc,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 04:49:49 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 150E 174 KB
62 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b1db638b8137df4162c3a0ce29d0d786422797cdea6483ccf9c616b90791a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63920
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 12:36:49 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame BE29 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
718 B 35ms
35ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 varnish
x-amz-request-id: DDQ4N5PH847FSFFN
age: 15343
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: aqXZ5TfXP8iRdMdELepuMA5C/5ciFi+p6Ky8KbHabejFtNJHH4peFIuNVRC4MRKY5KotSYHDQrQ=
x-served-by: cache-cph2320052-CPH
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1701175009.256659,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 38
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1417

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2CB 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSd0Y4N5lZb3TBdS_juwPs9uv4A8AAAAAOAHgBAI&bg=!1tWl1ZrNAAZxrfrxUa07ADQBe5WfOKevxfsUfOFn_s1QiEvD7Y0RsDjAI9DfEscNm-7FtH6RH5ll_ERMmxLYCENuV8z8AgAAAlNSAAAAAmgBBwoAZW65-n6hJ0I4KEGkG8ooqGTsmcUwhRNjjXYwEl1alPHXBE7T9u28zz_QEXGWPDAEXq_WpObUJXACsNqZKDL8jnpZtSsUiZFABsNf-Rvpx_kVnCa8bXaKdWLamAZmRFjuIwdeP5U4mQL9oRamfKWa-rGgKt5L9TuymK4x9Oy1wnhQWOAmx_adHzf11sNBSHI1g5n2HtH6QYZ2XTmlG8TbFTb9JOst_hTZoKdl8kA03hU4msy2y4Q6MF0J7w1IDzhXEZ1zLareQofCqYmOKWvq-cf2gzZLcKkvIPPjdMjrZmoE-oG2PwPfbDt8BaL6RhjO9KUdzTd6lJ2Fl1-wzGx26dIqqGN2wlP-Ue1Q4At0UL4rtzqRZHnqZznerzhm6PRPRZzBARCRCfRNK_MKH2LoD8Le1MuvhYJuYyaeMHyB4VL1ugZ2rsZhom-UFb0kAjoT11qXSHVyowwuSdQXQ_sVSTYK8-jGBWquF_yFKjubEg38klvj5P_IiCOyq6zNRo3XadJxXaQYUhqFJ_scS5w5CGGonq-UX9O7ZmX2-I43be7ERIud8CGTRPgFJwZ0FdYuQJyGtCbmLdsAM9oqkQC3FjhFFmUOt3-8aV1T7YTSqun1j9BADcETafO1gN9Y0LrmwdQekOJFR_j97sg7_4OpTFUm7ryI1lVbRy4iryFj-aeTaAOtLeLba6-ehnxZuDK59xBincyDOUxytsHOl6Pwlnpwhl6NY-MXUWYosGlXzoLxdscMLnBCgjzBmvwXFXff9NO6NiBtnXGGBmEBl4uSGNFXttMMKEQktNEheYuxNy4D1weEb3d1gQNeJ9yUuTF0HwdzNs50fQpge8zaYs1WwNYveXi3ZhBFO7QVcNrbIHR66H6d6MQXVBygAZYvay20c6IDhIDAmHFTRo5zBZYQ8sIHXYV7c9pkXQPS1UoOORH9Xh3Ea6N-G4XAo0atnopiiXFfHUecgX5jfZ2-qy4eXm8GFuLI8eh2ERsJmre3O10czHIbHWdyQ8WPnj7WtzM0GS-rQJQJdzg3XHbactManzUPhYE0cs9WwhZx4u8zrcMiuaI0M1sU44czN2pM_GFyEIjknDlO_9cWdoOVk_72OBz9wEaxm8OrA6jmdxEClltvfpYLGz-hHusUL1xLXR1lYYv9wqlg

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F9B4 281 B
555 B 19ms
19ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 28 Nov 2023 12:36:49 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame DBBD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0641d0fd41a1f9f87e52defda482dc8913044ab77293839ad071255ff1e134d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D6E8 640 B
262 B 64ms
63ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNVzt-pyBTd9hG_WZ5fCDo52z4nelCm-uGBUpXzsoU5LMuv6w02MKmQkbA4e7_ZxASDVnxu3G5FNx6kdGzsrFoCCL5K1lFFTtiBI1ojRXuMjV7JQvzLFoyqZeKCULqCczmI3H2bzLnKFmJ_cvEUhJHm_sQIbzpCxjJiIn2JWCqUFUGFZehkSCPtGCzvZ7GgPGRfRt1BGYlTA1kXz-FhkTbCSNeUBMg

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F95E 89 KB
31 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F95E 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DM_IpyJwX8_ophtjeh2YMRKrQBp0nIX2qkp1F5dyR8lJD9wHtfem3UrPIQwvODvwvGHgMSZ9wHTWbwk3tMS5fw4Vkfum4XExaxtWJ8DLsTjN0CJiI

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F95E 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15125821121527538495&x=1&ct=76

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F95E 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 09:08:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F95E 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 16:17:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F95E 0
0 75ms
27ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9Rz1lv6OA28iUNjdx8W2AqdDP8jPrWvBHKZxWFJ_IUmLiCzEYpkMNhqfTDOoQeS6jKRkcxlLBi1VO3NC6sR5NV-wLYw
Requested by: Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F95E 202 KB
64 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:36:49 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F9B4 46 KB
13 KB 23ms
23ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 06:50:38 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65644
Connection: keep-alive
Content-Length: 13230
Expires: Wed, 29 Nov 2023 06:50:53 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DDD 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B222 0
0 61ms
61ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEAolxyroOmsNweiJNVIf5jbx9VKvtOGJl14DGH1pDeWJsqQk-QZ-VkOt0X-9t5S2SfarEL1k4tXn1E-JQrqOPG7O5u8kfjlrhOIfjrd-gcXllhfcKhwtwDPAZ6WVFstM66xqzJIMjv8k5AcYxt09DUD6tAq9nx6KgZOyljjdqG5ocRNjHbrRkjohYNmIMu9ED3ibJtx5OhFeKojaB6JHEz2COR01tpRVlgMqOEG6R2CKriOQs-_pZy7wg7HX1RAl_H_P3lwxdlJF-GDm52Wy6MRKkCSpAf0Xve3nBJXFvTT4aJDtS3NZ--xMoKELjhs49oNHNiRxKrhALDc7EibLT_UfgP4732yDD2lIqlDSTHB0GZ6m5jXkdQw4NmuV3Q_ttqUpUPBfCF4YrjxQD_tDH11v1JYiMuuZoT2X1T-249M4yAkF1P2eq4bxACsxnuchYJAhfVGSg_weX0XR6kXscmiYxxAZdIgGYgCQrcs6qYLL8UaqAKaljdXd0a3K45KQCM5NiLYjUwKYv6uuYXd6sCtxesTOoC2GI1EakgMBkzyzIpF0jPCC1MsHqqW_ZvgtICDJp3kEYyK6tKJk7AnEnZSv8n2URSjo2GRq_Vux1vTUyJ_cFlTniXzBiGzSNavXxoRM-2npqvBoYKj1CvUMpNXmkv-eHrrSFQSlfy2Wf9Uq6WMQwtWg1k4VWIQZoQXI8tSideuZiZ-qrzkraMmNcB1GojYaDqLJaBhJl5wcEJEjHnP_F3c-FAbB2IEDyYAVA0GnjV7FNVZ4JFjOTPUEB3PCdHio_Y-9S193cGdo7cnUMsWgKCYHQnu0n0Huz8sKb50GvL4nKpt5sGU3EevUE6mAk3YWvqjGcw400Hksif3KUro0gS018977ujC2wLOyZskDd40Q6pDNqwt_eHbK1noNXHFmVncpfnDukE7g40Xea6mWCOSY9-hGQbzNtwm7fYrTjCe2DeKirizb3A4SD7Fgl56pGBSAbaesZ_c5zhb2VT12gKdVPWxW65VLx9PJEH_G6pjuMFTxqECZ09Wf1hS8GHwxEQ48bgsEIokrTZzRiRfTVpJj-jgkrOejcGpwLnx-PnIqkh_L8uddLxBfCOPz6CqO7bKkag6AbItYuh_m0qA0FWosV0gg4MNAJTTwq4jpsI8Q2UDZprmpMtfvv_5Wu01w060AlvfCmBbdMAXVmEYDBtqjpJZF8hthEtd5jAeOS4cHmZoUPF3_zla_ifVRVfFxlNPVFu7tuSYsuKh_JldDpVQvX7kbwh2-Ep0kHXQRHCMcU3NsrZuFa3wpzWy-8&sai=AMfl-YSaSOeECOB0873BJmsgxKETyBLNKmy-M5VuxlE9DTvTiIGAxRDccszFClom-gYQEHWcLfFPzQKlZc0P60QWARGQo633pTAF2RLaiPhttw5Fcy-FdIrWfWx7n6SVkTzJwuW-fyN3w3VrzruTI13RMWcXC5f3Q2QifX1j3rcvtyYoFXdMe9kcuH2ZFx2jz-z5g0AQcqATgI_xLhbaoY4px-BxQWQCCCW2tHqSOqErqlJrehsFw2AtbqoO_V-5U4q3Uro_OeF5M8kCGQPFc7yy5JSobHqqTc9eeRwjYPUW6w&sig=Cg0ArKJSzGeA-SLwoUdPEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=705&vt=11&dtpt=455&dett=3&cstd=249&cisv=r20231109.60358&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B222 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adae88d827fbee7c03860b03951195d9b70b0e1660f245b713c789929e2b3da9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 51ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lpibodui&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&event_name=first_play&asset_bytes=190377&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61D9 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUocs4N5lZeq5CMTBgQeFjb2gAQAAAAA4AeAEAg&bg=!5Oel56jNAAZxrfrxUa07ADQBe5WfONLif5cZHldym9APZw6DmvJT2BqAHVIwQGDJCRN8KtHFyp21jogbowPAIxozo5YxAgAAAhhSAAAAA2gBBwoAhn8PsTJ60ZMcXL6Z7LgVu3wxEET3vzTegpeGs8GGRomlRLr7Dr8v-ojB5Yxdl8JBB6zaRO6tFTkfPuEESmt4aI18U_RGZ6u5QsmZ90lFNLf8DNuIkILuvVIAH7bmnYZclSpPYVgLbEuzNo5TFSPP72dhBkXl9lvYmnlg8OX0wR1Z9Z_dQUYwmQLbILWT9S6m3iOzQs4ONlGu6OI_bb4sPwzd0XjVrrUn33oNmZAVT8xXH-pL0kzuT1yOquzQA_KNJSseztYJngpf0eA9tmfEx3SkDy8stPqg0kI6GnwWVagQezp15acZiiPEGksW8Y7813T69tKzFst2PmmUya4GsDIrUlOGw7vUyMl68-B3itIpoy3y_iKbjfAB8Gvyg2aJUZ92O36vnM7QxZTo_nQ1yqYOCcjaTR4ZuI83JEkAmfpgXvgRrG7jqhNmY-PZvZfIpm_nZiuP0wG8egfYmyh-RDLaa3bvyyEVrKwRA4JDX06KJgFxzaS_ZOaN44B-zEG98kKYq3uY3wb5dzyx-ZsmncZ5wp57NjTls6iBlvYIphmHpmWtpBmaIFI7u8UWz1Cwafpbg0zSZz8VA4dKjw30ak-CjSRgR_RYQhYpUsej6S2ua_5itDXJAkkCJeAc3IhqKES0qdJclZgfjDu2vKAMFx5vboTdjLoy5PULc6bVcNzEs79XsjREZkL9KNjWD8Gt7DnH_nqesoRkvnsNCyS7yydmezt9Rf1nQAWmYwO7_mgSQ3IKbz_99MSzSCHQ1kudLCxAPTYR1-iQqHVT3KlbpdgTjmKSLsZY1u-eAYZoWA_10vF0HSg0vnCuax2dGmGYXuKQnFenIHlUYSbevBlcbeBwPEstIuXccleI9FQu4vq_oT9Ddflea1L26w9lKlKmnEFCg4TxV2N5-92TTpM_9BtQYrhzCsPfBhXqNNSJBWTEIsNnzIrs20gqW2tCxQsuO19EjlMQZgSo5VsDiWRZtqwsP_K6op7kv2SKT1nojsoe1M9mUxv61W6SqKRJAmBKKTORKkgBWNU7pt3Sybf3jbZAVlVOBh8C3DcVtf4MH8Et8tVv9a7jlCw3DYnPbNB9N7V3w1Lt-IsufAdNvf7pX5WmoyVYyHXoOV5ypjjezqS9pOrMpWyMez57NOQG3ZawrDQvOUk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dt
dt.adsafeprotected.com/ Frame DFF1
Redirect Chain

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...

43 B
215 B

178ms
178ms

Image
image/gif

2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Redirect headers

Location: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date: Tue, 28 Nov 2023 12:36:49 GMT
Connection: keep-alive
Content-Length: 0
Vary: Origin
Content-Type: image/png

GET
H2 200 dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame DFF1 42 B
254 B 76ms
61ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DFF1 42 B
64 B 63ms
61ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB&sigh=Wy5Orf5XS70&label=part2viewed&ad_mt=15&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701175009378

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame DFF1 43 B
66 B 22ms
20ms Image
image/gif 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:36:22 GMT
x-content-type-options: nosniff
age: 36027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 02:36:22 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame DFF1 35 B
174 B 94ms
46ms Image
image/gif 34.242.245.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMTM1NzYwIiwiY3VzdG9tOCI6Ijc2MTA1NTE0IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6ImZhbHNlIiwicmVnaW9uIjoiaWUiLCJ4c2lkIjoiYTdjMzY0ODItYTM5ZC00YTc4LTgxNWItNGZlZGUyNzQyZWQ5In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMCI6IjIwNTA5Njk3NjU2IiwiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY3JlYXRpdmVJZCI6IjIwMzIyNDkxMiIsImNiIjoiMTcwMTE3NTAwODUzNjk3NDY2OSIsImFkRHVyYXRpb24iOi0xLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1135760&pubEntityId=76105514&iris_id=[IRIS_ID]&ss_iris_id={{IRIS_ID}}&fw_iris_id=
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.245.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-245-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame DFF1
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1135760/76105515/skeleton.gif?xmtp=v&xmapp=0&xsId=a7c36482-a39d-4a78-815b-4fede2742ed9&bidurl=https://www.gaflaquiz.xyz/&ias_campId=1008772806&ias_pubId=pub...
https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=a7c36482-a39d-4a78-815b-4fede2742ed9&ias_=&ias_xappb=&mon=76105515

43 B
481 B

21ms
21ms

Image
image/gif

2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=a7c36482-a39d-4a78-815b-4fede2742ed9&ias_=&ias_xappb=&mon=76105515
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:45:23 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6461487
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 5T7jmTxv84pz5wWfH0tNNsQB8493reaQBXw4AjuLaJq8uW_a4kc5XA==

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?xmtp=v&xmapp=0&xsId=a7c36482-a39d-4a78-815b-4fede2742ed9&ias_=&ias_xappb=&mon=76105515
cache-control: no-cache
content-length: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFF1 0
65 B 71ms
68ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjpyhYQ2dgl82g25wNEZsiii2EwtM137I4yB0L8R4mbLQeHljMFdaCcg3Y16O0gYx5zYBb1UB6hFzW5xK_UAXKvskri4uu-yiRAs9IKluqGJSnC68w1yaQsvDOtz7mSBVtbYpjZlnuJ5STxNuICY_ERrpHGVn3CYYoUGuoW4u_JtWsfaY1mMmOCnX4Wn_J1fHdkz9R2TFNRn-VVLqTMZiZX-S5deJpFPwVi8zpnSxsBv69y5ZJhJj73RST7ojqNDhuaulLuKrvlMwxhaSV6gieMhfDvlfMT7C4A5HXgQJfaV_Il9j6v6ayLFWMg7ef5P2rQ-lKCshqjHQe1wUCUBpMaAo9wEADThN5eAFH7A1UxhMGwTncoWvDZN3cWlvuGnkauvC8vYWmr01skbzYEvM9TG14S-_8CKTcgeLsybWAcbyTSq8V3nIEFp_0Rv08j6ZIca6mbnK7xMI5jFM_nIiikN7byxlRTG_77vE7W5qupB3F7u0CzYWt_Km3ZSI0AiednZedvGlZNjb8LsZJpB0NXkdvGuHbzTIxhBvfnccBicsBghL9TcfNBSWlU_FaDeiLd4P4h-6J0fb8izObgFMCAKC-AE9NGCuM7ZzpWO242Av42tauBPwgAXHN_JjY08vi19Ubmlm4K5XDCzBWoGQTQPa83K1FTS0lMvVGNhKXsSkIcu5ttbDYPo5J8KdsHd2LM19xSuSCJCGu0vYi7dd0PvYD2MOOEzMvV0u9EyQjLB7f1hXTZLPbAEZIxR_jee4Ax3ebn72FeAKTPNE4s3tTJFcDRM2Ty3yY4FA6bs0-gEpL5GqD-tFULsiZVFf_IJUrdM9hOda8ckmTeH-P4Cks11g1PDvvRnnGRkDrGW0cdc9_g6TnI9p03OCpa8jnES8t_uFRD1-UAKoc1kVHmi1ZjQgXS_9BJMQf88OxpwUmYVQQY4W5OEfgPRw7UGEUMSzM-lpFZZtpIE-Kw3_3WbSJTKH-HA5_3H12cNWRxIP1tD9-_G_SYlLe_D2l0qZnX556Z2HPIk7RUqAHf1DKExSMSi5XEk2oLU5pfLpOC2Rl3q6KpZyPj2UJ1Jri4D7n0FX9y7O9oqaKE0TWFIBGTSSLVTu6R-tHjMANvwdl38hLs5YBBdLWL8Xz9fS8z3ho-HsNQQwNXB4bQwIp0YLL45ipxXif9yhQ4KkDYYUdYWSUsPTCV-VyWxvzmR3nKoVUUS22vH0MzKfTHI46HqT0ZrzE0a-Gdr2KXzkoYIKBQDUUVHEOCSISeb80by6-89-6aCBdfy_u_IUVHIIBEBswMKTi&sai=AMfl-YSWZnTEMyZtBduFoqCOiwpLnG05VyEgXsRwnbEA5aqz316WsOZaZ9GG-pm2AWjzCzVFWHX5c5nsU3fJOzA2d1bj63LW5H27pWPaevXJKWLY_9fa2zSpxy_jq6_QOVwRFrHjIcL3xeL2-I34dR7H3T9PuAC4K27IlYh8PVa5W37g0b-TLD_aH9Hd66Kf8l9vaYXN8mCr5-pn0eSeJmZRTZSRGQ42wpNPW9_qiEYbR_b4tz6ybDIpgpb5NtiC8CHBakQpmy3W7qLhu0emUbBf6-6alqa-cIk81Q6lxdu566EK6tKvUhrYKhgUnUHUZOKvNJc&sig=Cg0ArKJSzOlhMGKfRKYmEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame DFF1 0
16 B 65ms
63ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjWgqn8ASABMAE&v=APEucNVtTNPFkO_vt317lneNZ-Debm4X_jXqAC_0yOe0kfI2rwN1FrkUeKMrUCV3R6wC1J3osfZi-Bhg475dB4HQXPVjFNoNHw

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFF1 0
20 B 55ms
53ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DFF1 42 B
64 B 61ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWJOUXNWYRlsYS8SmdO_e08DR0YuUGWoQo8fTdlxxi1tgZLC6bP5rtm61rX9Up36SkJcMCTdQTEvijAQ_pdP7mwMk3XzzrfWuWDnHwPT6X8miaYn1G4XhmawQlkrJd5bmpAQK34H1Bj-XJ&sai=AMfl-YRbg9apUZE2Usm0FV3UkBKhVXKUGNsXgLbMtCJ2-sl53eg2GKbk_Tqxx_iQK-0KKsAHUah8dwB3pgX-V3YNMeRdShKvVXaEss_g28W4DhM-tLi_2Yol6EzzE3Gbo0mUiRscTOMv9oHoYkLCTS7V9g&sig=Cg0ArKJSzC3L2txQUFCiEAE&cid=CAQSTwDICaaNDuaLwpJwTXdSky7GB9Rm2iHqyb7sSZT-vWYTMgcpxgHLLlG0KCjQj-S5C6X1mnp1QSeoEYq3SQSIbByE37R844SEOvKr39PCXw0YAQ&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D15%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1701175009378&avm=1

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DFF1 42 B
64 B 63ms
61ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB&sigh=Wy5Orf5XS70&label=vast_creativeview&ad_mt=15&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D15%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1701175009378

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 52ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lpiboe3b&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&met.4=vfl.1ir~vil.1j1~ff.1j8~videopreviewstarted.1j9
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame 6116 253 KB
163 KB 21ms
20ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d76d4eb560f3f07393988e9f8f8425791f26d0438483c222ff53c73b9900be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 487929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 166451
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:04:40 GMT
expires: Thu, 21 Nov 2024 21:04:40 GMT
last-modified: Fri, 05 May 2023 12:38:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame DBBD 0
0 60ms
60ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsszJnJrdNhWGgj9ch--kZTykukMo226nYbdwtsUStjdPgxZowL05TW0OVuQIbMOrkj1N23cETVM5ms2HcML3rB-gssMZZSMxjk_u85AI4aZnRqzNuKSpZzzpYyRtxlfyTPighge7adPk6AwzLS4TIqsfO38f5Rq20Wx9E5fwPpDzr0O55nnQRmA3jxWow238gQV3a2god98i48LCyyZOxFBZuDhqTMS5Vpc&sai=AMfl-YS5tFjGgswJZF8qXI4IGMakbjtWnmC6mmA9Po5PA2m_qTGDteHFoD6V6VwtPcy1_zHIXbZmWNQKv4utBaAfRL0DwfA9Vbvgx_OUwGyTzDB43ybXYZo7UqnNEOmtiCt5hAz78PQLDR6LGBuZmoKxtq-TLtY&sig=Cg0ArKJSzFOZroUn3lgwEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=184&cbvp=1&cstd=183&cisv=r20231109.25112&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame F9B4 7 B
380 B 24ms
24ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D6E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIevrrrTHQmnT_2hxqZ4bWQ&google_cver=1

43 B
114 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIevrrrTHQmnT_2hxqZ4bWQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNVzt-pyBTd9hG_WZ5fCDo52z4nelCm-uGBUpXzsoU5LMuv6w02MKmQkbA4e7_ZxASDVnxu3G5FNx6kdGzsrFoCCL5K1lFFTtiBI1ojRXuMjV7JQvzLFoyqZeKCULqCczmI3H2bzLnKFmJ_cvEUhJHm_sQIbzpCxjJiIn2JWCqUFUGFZehkSCPtGCzvZ7GgPGRfRt1BGYlTA1kXz-FhkTbCSNeUBMg
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIevrrrTHQmnT_2hxqZ4bWQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame D6E8 43 B
219 B 37ms
30ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNVzt-pyBTd9hG_WZ5fCDo52z4nelCm-uGBUpXzsoU5LMuv6w02MKmQkbA4e7_ZxASDVnxu3G5FNx6kdGzsrFoCCL5K1lFFTtiBI1ojRXuMjV7JQvzLFoyqZeKCULqCczmI3H2bzLnKFmJ_cvEUhJHm_sQIbzpCxjJiIn2JWCqUFUGFZehkSCPtGCzvZ7GgPGRfRt1BGYlTA1kXz-FhkTbCSNeUBMg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame D6E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEC_itMQSOCiKsueC86Bkuik&google_cver=1

23 B
163 B

203ms
45ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEC_itMQSOCiKsueC86Bkuik&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNVzt-pyBTd9hG_WZ5fCDo52z4nelCm-uGBUpXzsoU5LMuv6w02MKmQkbA4e7_ZxASDVnxu3G5FNx6kdGzsrFoCCL5K1lFFTtiBI1ojRXuMjV7JQvzLFoyqZeKCULqCczmI3H2bzLnKFmJ_cvEUhJHm_sQIbzpCxjJiIn2JWCqUFUGFZehkSCPtGCzvZ7GgPGRfRt1BGYlTA1kXz-FhkTbCSNeUBMg
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Tue, 28 Nov 2023 12:36:49 GMT
pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEC_itMQSOCiKsueC86Bkuik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D6E8 23 B
163 B 221ms
46ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNVzt-pyBTd9hG_WZ5fCDo52z4nelCm-uGBUpXzsoU5LMuv6w02MKmQkbA4e7_ZxASDVnxu3G5FNx6kdGzsrFoCCL5K1lFFTtiBI1ojRXuMjV7JQvzLFoyqZeKCULqCczmI3H2bzLnKFmJ_cvEUhJHm_sQIbzpCxjJiIn2JWCqUFUGFZehkSCPtGCzvZ7GgPGRfRt1BGYlTA1kXz-FhkTbCSNeUBMg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Tue, 28 Nov 2023 12:36:49 GMT
pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC18 0
0 62ms
60ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstrDp4MwVSyhWtblakdMVgaLAJpIDFHWg7M0lpgteZnfzqdopdfFYWXAJcxXSd9p6uMXW00lpRUfMzg-9smz0KXR3Q1yjwOHN4rEaQ4ivxH3QEQtZhbumv3WaUO7UjvKYQewzohLRwcULa-H4cNebRVRNzBCxYM8qDg_8shBoqAfUR0EmI9P4sChdVrqHBrB5XdhjCHpy2O5kMVHXVaMyWuRnPYmd0wjjdtaaOcp9x6zU984Z-OxRCnAgSOUePPhnH_Mn-o7BxTWneYT5kqxY7FHxLvstEQbh9R5NwJ8tyKga0D6qilccgIZFnFTQ_nrYpNUORrer3xGjh_1bSkes8K7gTsNoG_uGDheL8hAaygzx5Qa7ACdJhsVXUdaRYXVoIRmu_7GV0_-3eAWsaljhFrYukAWC1HCsMuCkWn7WNeB5BM0ZOmu-B14BEtmheKXZB2Kb4KxfufaYoKQtoymVfmqQdjRIZVNZZW0rkJYA_oJ6D-fH0FqOllY_bA65NWhFWxzX1ZZxvSgEP_aqYO8V-mC4rnb-XRlmzyTp83A34QbCQKBj6kpsNfq_hK-OcX1S5lAZi167FLwlh9mi2sUxPQZ73XFKqb4VsB1E-d-RjXcNU7ifO4Oss9NDbvR2peRfcNXr9KxrHHEXyZPmscnT-ibKZv9oY0bwMffnCmaaL-W_OOUv_cin9QpW58JC01QQ_3cj25PYZcA-2MJFZru8ECFR4iDO9kZtmpOaDSpqXDtave3SIMZx_Htsi6PilK31Q0KXan-8PN3yUATe-wkTbXqp_alysXX4ckC-GDQHFaf55pm1Dduppbz1zzYissMa-b-eGUTtRFeg3LMfu6cmOMirbq_1PtbBSoMTzzZa27LT4bbo2fkbJX-yoyaQ5HzLiBy8fN56l6CPyB058-PhxWSwme4nMr2VJhYn5AgHKXsHQk-PdAfeo4JzFIgLRaOpB-wXZD7SC3QLFoq6jFS_Xt7hiEKyfZxHRSMENDJdJHd6Ify_XVm1CiphRfuiO8VxXrrVnCHeuCzPyHEYsK2afIGN5x0oIcE0i06yL36Qmn8VQEwEd-FLku3_hUsz0iPYKPO7kHx2kw_qkXxIdYeXckbYt5zXCbaR549A8loIv5U5UuCGHXwhG1UffAyK2auhjdWTpuO4ScZMgoermKSC_7EFQNKYzlpGjv6aZmb4wfQpE8wNV6Ruq2L_C18yoZIjFGeIPAOxgWtpUKajWqYzRFVxXT6NQU0LduqfnCUwF6Lx8QJt70WdZkv1HRpC2IE7u4gGsX_o0VyMF_bhZ5aQ6XKx8V&sai=AMfl-YQX-ReMACxt0CHByaVBRyRVJce4YY5zow7EHRAuOy6ahJrCDZCjg6MlJ4WdtIhftaRQbByZz4vXb9TbXa31v7HTtVJ6B_1yhZloPPB_MVWY6GNpZa_83nKwJz5GP22n7a_juMNIIgqLu2K_tSTll-y0wUiS0kVDVdfDTwO1T5g-IrmAl7QlG64RB3dWM6Y1ZE1j00nW5jFkF8tjHq4Tvc0Fq0y7T9W4uY68Nn8OWIv1tJgzJCYxby5J81nwHxMTmx-i8u6lwze9AZYWz2N4LuE-JxlJtU6yCyNfO5j2kA&sig=Cg0ArKJSzD-KZIsjsnhfEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=730&vt=11&dtpt=480&dett=3&cstd=249&cisv=r20231109.23266&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1AE1 8 KB
8 KB 23ms
20ms Font
font/woff 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
DATA 200
OK truncated
/ Frame EC18 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f097183aa55de8e731d7f219fe8739a0409a355db3918bc3a548764e534d8db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 1363 8 KB
8 KB 22ms
21ms Font
font/woff 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:11 GMT
x-content-type-options: nosniff
age: 45158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 150E 273 KB
91 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c691572e19ed2e972be60459bb3c16e00eba1bd85ae4856804555f53973c0d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92920
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 12:36:49 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F95E 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5377556344915&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F95E 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5377556344915&version=m202309260101&ct=76&x=1&cor=15125821121527538000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F95E 109 KB
41 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEWocGohoEWK9Kc9oQ1KXTCIkZvkA3rX0M3jb4SuOh1cy8k7g5A7YwILYqB_4uC-87hAkNCG8nI8_p7rlW6gDBSrkJmDz-WnIANO4WFegOM8aKCl-t0qNZMX_Aiq5hN8qy18WYEEeYlxbmW6xITArarza7NI5W2ddbxAnS1tB52WD3h78&dbm_d=AKAmf-BZTVbvtORsEe2lVqomi4-wlLAhxWcGcUz2lsfQCDkfl5kXxILz7jU0cEf7ceLWnP6xzg47_vmX-kcdWuILnsW-qjQdyJGPjRdYVDlFu3zZOq-wRkMgKnW9HZVtyS4TuBSskeoNy4hSW2YUnuC3FWKhDNT-lRJM0Wko1Oa3Akk_XeinR7XQx8MdIhLgWW_SN6iFx6_cECt5wd_cnJINnd5rlqHaZznvk2H2EprpnT9-yQTsdTqQnKUqZBHXFPB8N8PWtM88OyuduThtOEwhkuiz5GHw2HIOOol6JhQj71xWDwTvXipSOQMnE7KHdjMqKKYk8YSRddKIYOZu06JBwLBNEs89s2sum0Drx-_Gt2KLG_GpQuwKOaL9pofOWijfp458Wn0zC3wnJQMG4mD-J4lXDVRgvkRTuwgy30tUelP4T5T6wXweY_YMqdy68MMG38XecZMEef0QD7qqAB1yQ30p5Yb6Nq9pGDipIr_ooIvesMZNCahQTYT1XozoOSY6nmO4HQ2CWoHflwZC1pSZ627Zb82pgk85wiGJA1X-OFCdhHxyjsyeAyTv9Xec7rcklNb3X4MpLphsgMFrWzEMYVo1_xCETevCwoT4Rdfsv3d0m_2VFcgw28PZpRB5RnYfv7S0pit7dzOVwTv9rhlJLmd16ZGi-CNpWsmCqvd-c8UQa0uuGv8cmmR3PL1KTma4O3Se1mH5FszBxOKx-TxPCFfzQN9jgptaL9rfTR3p6GChS1xe5F_3eWdBEHtFjgyV5xQN0Co2w6fb5vJYn4214ee3SEs13B8agNcsNKVFUXF0VTLsk3ZCjzzSXEEF3v3FHvZYKh8ghmTtlrDedydrxTw5ki9lh1dlu3P5UAoM-Xkuoa-cezF7J07EDWrwwH8R2LEASBOREgOvCNMmaiYK3W1Tr1difX7vUDwmpfIjFBEmZX5ibg2ZSzjxCYIZhfJb2QULZrQRLdLeyMW7lpwS18F94k3W38T8G1bimlYqnE4VIpml0R7kPAvmyzmdU8JO9sqpTkThyiyMBxstjlrMerql_4v5z4gSMRuKxBueERIM2IkCL0eu_M4v9O8ktd2G2YAbGRtIh01e6e6uaL9jVnyCHQ5hPuA3yYnIv-h-C9iIQRtMAT2DDP3ufdyj6FGa5oOGYQBFQY-pnGI4DVd49yT54xHZl2Ktza2Zh30zLL6jyJADmCUpHQ04exfGKXP-Vo4B2AkuJrBxWsCYWUPY8KDZ6We3zN6zQIbKJ4VlqUSDwFQtSMpMP7OCDzH4F-7bctLKZjewuIimD3eAHMjmslK8QdSKLgibi1K93LsJpSPYGaWX7ekEm__1-JxQVDUUTPtlfT1gPv-ZAW5iHHmeEmPpObeRTy7OfZNCAGYPCcEZxHrx_Mylo3XQneCcTQbgQBh-n-5gsIJFHaFRGViGKOhTUjdK2_d1e-KNq7BXwSSvgqSTSw-tMOFJN1R_IVwnk57tzzU9GXbItj_ubtMnYtTnnqNJH1rhqpUGW1pOzGCsqo4cgKN74yQv-ztdwfflarEoADWg9SuF6Q-knLHa0Q-2vssqiYpS0vN2waSFYNre4d3KuIiqN0V09aBqkeQCTxzf9KLb7zYBBTTDyOaTYpRxsJKibKfwHqSlChu6zduSY63SRdsDEK3hpZN0RgZRRqksel0xVQ4As35deVNbz0V-TGXymUW8xXn1Wt40rBuLyMuOxSpB-6NPVDlWlRVs-VzY6-0ErPtB8ldHvGOu7fbo86ulXrjRN8M_f8IuSC_99joAXEMspq2AUK-Qdj8Jz1KGg3iI4AFX_YE0af7KN-ktuf8RCFnzx1JHQpbqadBgFi7gS2fxmc4LJOldHe_5XSUWt35zNw10lr3SrL3utgNYjUmLlCkdcFKV-FIidX8w59_dYv-uO9kim4HYGbqZlvkstEYf0zO3osWWmKVMNTf8P4d_wReOGah0-Z9DVMQK7QmHc6J3klohF-vFiDIr3YKrY_-gyykVBvD7YL-1IIrv8G5rLDryfPuivMk-v4Oxg3A_kX9Zmg1LwfZUXDYaie6fm--vlaz-v0u9KktoadKAwNrHeorjf45pyHgM3lji_GeVgs2q3QASXhG-nrIq5a95js0CyRKxF61-DO6l5MU7lR5SuBaIuibE6WqXIhVNTRF91AalKwOsjntqgQA8fi5FQOSvfVNImRVITNCaemKa_zXoArUG-htnPX32-x_S7-Koiv0R1d5U_0imIafzmwabyAUEHQ_yOvTyksaxeg4n7ZVrygmb5s0QHFE2holTXEua3X7vmZWGY0EJ-UMm54kdajKawaV_ReQft1B4wq3bFVdbDyP2Q811bwzFQgMI4giqT_GefP8VZHAeDCFt21oNJ9sFU_DVYkqXL1g64hZ0raaj4YTfasVZu6NGbQOexFXzRb_Kcr2Ln3Ccq-Oq2QrLRGjjfH9FHWs5vHY-9Tksh6qn3OEmFxe7b4NbMPEg6jy9pOqVCw_Db-nCi4XEmgU8t5iAnRTo2MQFlTM1Lf-vsks54gfjOGE_i6EgbS8pTV4GrQNAuJ5ozLa5XwhBxj9-ZdAJ2d8Z6T4nz22f2-GKFeBCMObISr16uGm0XSP0R_1ESnZu3RXHPNlJql4P7XvWihVIhA6y-6KO-kx9Ik7nKaLqm8fMbacK04bXjOL88ip9rqdsjq0UOSb8CC1uLxokaeMZ6IoFcZg6C7Bg6dfWnl8yCEXhOAmZlWFw9rut4rHwpp4BWgzDy9LWAnOJ51qlx8bWaFJ110N93aX3ARVV5JYLdMfL47uVErM7bpycfqTPz5d_zJG3yO1hucOhG2CjkQMtckySVXJ2LW1dOOgF1B911wgwg_wEYzftUVc6z4rkDatQjV75SWrv4RE7UB86cMbGRjzrO1mBIGP5fj_6Qh3hCtLHFybyA0vlKQllWcyHbSQsdBai4kOnNLzGmHwxqEfYy7QZFIoPrq8Ie3Q44J9zZNzHa_mMkk5YfgoxEDmgRSfawhyZBmw2-TIyefWNfRhv-VpSMKYAaYv0XJg3rDHgNS_x9qpRi_Peyr_moHSuCfgmYtGpU-V5ct3YYZ9TKERAwGCek107fHVB0TN8kMryM59YaJJZC1rXll_w7LesDe153HhFOL1S06IJdhMLb7l55-kgKbTCX6ShteHQqzHB-oVbhdp-puIzh9fNHEQ8cmvIOTlwvd1k9xQ95t_3IcYEvxHOLDLo1JTxJ9ViEenRo1cNuvZbhxMWNoxBo_kv6hft2uwscGWx3HmeY1LCE2L1Ex0aOWNeLeMm_TFrB5tV6R1lIuZlOutBRNd5vbLKxpK61H1ZMh3MIfqrs-rOcyQwNgzmD3FI0RF2OfX-GnagUCdCFTJAkmmiciazzrNfNjUCp1dfU30gbIXCffvqX9yatvQwVsFWWn6jN_NHGVcTIdiYKVbVIabr0uzOhBiAI4HUclQwCBDcjGcKhXaAUp9-C_RKGjU4_IdcEF-GavkHkMCTFsMUWAEIcKE1v1FVqRc5FghNl28fHIdQES69awSXBg-MOOprA-8WQbbtR1j6RUdjQZpr5wUfrsgP-614C1cIm7n8kvbm-6JjU1b2zjNWbLejsIJ2MaE_jjN3WOkQAFKVnT71_xtje6rtRjUT-33_n-GcDRAk3F6WEWQF6pmNLvUo25aL3DMvDde3OStvaw&cid=CAQSPADICaaN-qJNU0j3VV3Hk8sEHfZ6EJLEhDtbLPLM4HbwNp4BL4-hGr_V1q6TU2IbT2UaqlPLC0nbiEw26hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=15125821121527538000&adk=792902355&idt=94&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4388cf4cf8abdc95f660f65d4faa298f644c7617663085396e6e7c4cd9deecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6116 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6116 71 KB
71 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2796 2 KB
2 KB 214ms
90ms Script
text/html 13.42.155.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=97448700089785004444550012522008&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.155.83 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-155-83.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 128ee7dfb1288ef301192c216de02a16d74281eded353d17d6104af1db6ed2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
last-modified: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 28 Nov 2023 12:37:49 GMT

GET
H2

200

activityi;dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656 Show response
5994599.fls.doubleclick.net/ Frame 77B2
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656?

391 B
326 B

66ms
65ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

32a152da069782f7b75acb50f508ec2d99f697d2a65376fdbe846dacacf915eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:49 GMT
expires: Tue, 28 Nov 2023 12:36:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame 4503 7 KB
2 KB 82ms
29ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ec75971119338393914c15037706a684f44ce97105e89a57f521f47d33570b0c

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2082
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Nov 2023 12:36:49 GMT
Expires: Tue, 28 Nov 2023 12:36:49 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame DBBD 0
0 61ms
60ms Fetch
image/gif 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsszJnJrdNhWGgj9ch--kZTykukMo226nYbdwtsUStjdPgxZowL05TW0OVuQIbMOrkj1N23cETVM5ms2HcML3rB-gssMZZSMxjk_u85AI4aZnRqzNuKSpZzzpYyRtxlfyTPighge7adPk6AwzLS4TIqsfO38f5Rq20Wx9E5fwPpDzr0O55nnQRmA3jxWow238gQV3a2god98i48LCyyZOxFBZuDhqTMS5Vpc&sai=AMfl-YS5tFjGgswJZF8qXI4IGMakbjtWnmC6mmA9Po5PA2m_qTGDteHFoD6V6VwtPcy1_zHIXbZmWNQKv4utBaAfRL0DwfA9Vbvgx_OUwGyTzDB43ybXYZo7UqnNEOmtiCt5hAz78PQLDR6LGBuZmoKxtq-TLtY&sig=Cg0ArKJSzFOZroUn3lgwEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=325&vt=11&dtpt=141&dett=3&cstd=183&cisv=r20231109.25112&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame 6116 1 KB
1 KB 22ms
22ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/LogoLockup_Vert_RGB_white.png?

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:24:06 GMT
x-content-type-options: nosniff
age: 76363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1502
x-xss-protection: 0
last-modified: Fri, 05 May 2023 12:38:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 15:24:06 GMT

GET
H3 200 iStock-1086808322.jpg
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame 6116 24 KB
24 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/iStock-1086808322.jpg?

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f92f0adaf2370f83fcdb0a2001f2d1fd3192982ddade3c9e7853735c78accd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:33:04 GMT
x-content-type-options: nosniff
age: 601425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24431
x-xss-protection: 0
last-modified: Fri, 05 May 2023 12:38:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Nov 2024 13:33:04 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJBTr,time:1275,type:e,im:%7Bpci:%7Btdr:753%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1275,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1270~0%5D,as:%5B1270~360.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:357,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C181.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:220%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE2C 42 B
64 B 100ms
57ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqsjhfRU6QUgzisseoO1Snc9ywsZpnfN_ls8lCB48abXzmz0156s8zuTPxVdFBcgN7DqevZwd8IOZQkeNuNy2tt-_gLl1BZsYgPLE1ulI40NAxaYZy_JDLburjUI9nH8PeXESm42RfJV6d&sai=AMfl-YTn-qZmfWebp_xzFpIXvpho7Q9sSJljQ72YmodUqxUnZ0XeYV3xACQU2hDWHA7CNH3b5mog_Nds7FUDg9jR3yLAn-6d_FC8PT4i04zpKLXaWh0JQghSFmBbBq4G3eV9D0pcqGMnJQAUmazxzBn1kA&sig=Cg0ArKJSzFIr8-4Ldfu5EAE&cid=CAQSTwDICaaNq-Izz6zxkWywYtVA51b1HjEs_K7e2vpm0pJOxmG4Jp9xwsLuz9tMybWUBX8VnUGOlN1EPP9_MC7xj2IOQvCTZWjQAfPf-Rc0MOkYAQ&id=lidar2&mcvt=1039&p=0,0,280,360&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3458766646&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175007401&rpt=1167&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame 6116 1 KB
1 KB 20ms
19ms Image
image/png 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/LogoLockup_Vert_RGB_white.png?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 15:24:06 GMT
x-content-type-options: nosniff
age: 76363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1502
x-xss-protection: 0
last-modified: Fri, 05 May 2023 12:38:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 15:24:06 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/iStock-1086808322.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f92f0adaf2370f83fcdb0a2001f2d1fd3192982ddade3c9e7853735c78accd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 13:33:04 GMT
x-content-type-options: nosniff
age: 601425
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24431
x-xss-protection: 0
last-modified: Fri, 05 May 2023 12:38:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Nov 2024 13:33:04 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523884/ Frame F95E 255 KB
77 KB 48ms
48ms Script
application/javascript 52.210.22.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523884/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-7094677798399606&ias_chanId=1&ias_placementId=20492285957&bidurl=https://www.gaflaquiz.xyz/&ias_dealId=&xsId=ABAjH0hHs3OXEdx9maOdVtznyVlT&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hHs3OXEdx9maOdVtznyVlT
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.22.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-22-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e1c2ba085e19c1ac1ee71a5cab21e4c909676c822097bd7d7d02bed446e0273a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F95E 111 KB
39 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
Origin: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame F95E 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEWocGohoEWK9Kc9oQ1KXTCIkZvkA3rX0M3jb4SuOh1cy8k7g5A7YwILYqB_4uC-87hAkNCG8nI8_p7rlW6gDBSrkJmDz-WnIANO4WFegOM8aKCl-t0qNZMX_Aiq5hN8qy18WYEEeYlxbmW6xITArarza7NI5W2ddbxAnS1tB52WD3h78&dbm_d=AKAmf-BZTVbvtORsEe2lVqomi4-wlLAhxWcGcUz2lsfQCDkfl5kXxILz7jU0cEf7ceLWnP6xzg47_vmX-kcdWuILnsW-qjQdyJGPjRdYVDlFu3zZOq-wRkMgKnW9HZVtyS4TuBSskeoNy4hSW2YUnuC3FWKhDNT-lRJM0Wko1Oa3Akk_XeinR7XQx8MdIhLgWW_SN6iFx6_cECt5wd_cnJINnd5rlqHaZznvk2H2EprpnT9-yQTsdTqQnKUqZBHXFPB8N8PWtM88OyuduThtOEwhkuiz5GHw2HIOOol6JhQj71xWDwTvXipSOQMnE7KHdjMqKKYk8YSRddKIYOZu06JBwLBNEs89s2sum0Drx-_Gt2KLG_GpQuwKOaL9pofOWijfp458Wn0zC3wnJQMG4mD-J4lXDVRgvkRTuwgy30tUelP4T5T6wXweY_YMqdy68MMG38XecZMEef0QD7qqAB1yQ30p5Yb6Nq9pGDipIr_ooIvesMZNCahQTYT1XozoOSY6nmO4HQ2CWoHflwZC1pSZ627Zb82pgk85wiGJA1X-OFCdhHxyjsyeAyTv9Xec7rcklNb3X4MpLphsgMFrWzEMYVo1_xCETevCwoT4Rdfsv3d0m_2VFcgw28PZpRB5RnYfv7S0pit7dzOVwTv9rhlJLmd16ZGi-CNpWsmCqvd-c8UQa0uuGv8cmmR3PL1KTma4O3Se1mH5FszBxOKx-TxPCFfzQN9jgptaL9rfTR3p6GChS1xe5F_3eWdBEHtFjgyV5xQN0Co2w6fb5vJYn4214ee3SEs13B8agNcsNKVFUXF0VTLsk3ZCjzzSXEEF3v3FHvZYKh8ghmTtlrDedydrxTw5ki9lh1dlu3P5UAoM-Xkuoa-cezF7J07EDWrwwH8R2LEASBOREgOvCNMmaiYK3W1Tr1difX7vUDwmpfIjFBEmZX5ibg2ZSzjxCYIZhfJb2QULZrQRLdLeyMW7lpwS18F94k3W38T8G1bimlYqnE4VIpml0R7kPAvmyzmdU8JO9sqpTkThyiyMBxstjlrMerql_4v5z4gSMRuKxBueERIM2IkCL0eu_M4v9O8ktd2G2YAbGRtIh01e6e6uaL9jVnyCHQ5hPuA3yYnIv-h-C9iIQRtMAT2DDP3ufdyj6FGa5oOGYQBFQY-pnGI4DVd49yT54xHZl2Ktza2Zh30zLL6jyJADmCUpHQ04exfGKXP-Vo4B2AkuJrBxWsCYWUPY8KDZ6We3zN6zQIbKJ4VlqUSDwFQtSMpMP7OCDzH4F-7bctLKZjewuIimD3eAHMjmslK8QdSKLgibi1K93LsJpSPYGaWX7ekEm__1-JxQVDUUTPtlfT1gPv-ZAW5iHHmeEmPpObeRTy7OfZNCAGYPCcEZxHrx_Mylo3XQneCcTQbgQBh-n-5gsIJFHaFRGViGKOhTUjdK2_d1e-KNq7BXwSSvgqSTSw-tMOFJN1R_IVwnk57tzzU9GXbItj_ubtMnYtTnnqNJH1rhqpUGW1pOzGCsqo4cgKN74yQv-ztdwfflarEoADWg9SuF6Q-knLHa0Q-2vssqiYpS0vN2waSFYNre4d3KuIiqN0V09aBqkeQCTxzf9KLb7zYBBTTDyOaTYpRxsJKibKfwHqSlChu6zduSY63SRdsDEK3hpZN0RgZRRqksel0xVQ4As35deVNbz0V-TGXymUW8xXn1Wt40rBuLyMuOxSpB-6NPVDlWlRVs-VzY6-0ErPtB8ldHvGOu7fbo86ulXrjRN8M_f8IuSC_99joAXEMspq2AUK-Qdj8Jz1KGg3iI4AFX_YE0af7KN-ktuf8RCFnzx1JHQpbqadBgFi7gS2fxmc4LJOldHe_5XSUWt35zNw10lr3SrL3utgNYjUmLlCkdcFKV-FIidX8w59_dYv-uO9kim4HYGbqZlvkstEYf0zO3osWWmKVMNTf8P4d_wReOGah0-Z9DVMQK7QmHc6J3klohF-vFiDIr3YKrY_-gyykVBvD7YL-1IIrv8G5rLDryfPuivMk-v4Oxg3A_kX9Zmg1LwfZUXDYaie6fm--vlaz-v0u9KktoadKAwNrHeorjf45pyHgM3lji_GeVgs2q3QASXhG-nrIq5a95js0CyRKxF61-DO6l5MU7lR5SuBaIuibE6WqXIhVNTRF91AalKwOsjntqgQA8fi5FQOSvfVNImRVITNCaemKa_zXoArUG-htnPX32-x_S7-Koiv0R1d5U_0imIafzmwabyAUEHQ_yOvTyksaxeg4n7ZVrygmb5s0QHFE2holTXEua3X7vmZWGY0EJ-UMm54kdajKawaV_ReQft1B4wq3bFVdbDyP2Q811bwzFQgMI4giqT_GefP8VZHAeDCFt21oNJ9sFU_DVYkqXL1g64hZ0raaj4YTfasVZu6NGbQOexFXzRb_Kcr2Ln3Ccq-Oq2QrLRGjjfH9FHWs5vHY-9Tksh6qn3OEmFxe7b4NbMPEg6jy9pOqVCw_Db-nCi4XEmgU8t5iAnRTo2MQFlTM1Lf-vsks54gfjOGE_i6EgbS8pTV4GrQNAuJ5ozLa5XwhBxj9-ZdAJ2d8Z6T4nz22f2-GKFeBCMObISr16uGm0XSP0R_1ESnZu3RXHPNlJql4P7XvWihVIhA6y-6KO-kx9Ik7nKaLqm8fMbacK04bXjOL88ip9rqdsjq0UOSb8CC1uLxokaeMZ6IoFcZg6C7Bg6dfWnl8yCEXhOAmZlWFw9rut4rHwpp4BWgzDy9LWAnOJ51qlx8bWaFJ110N93aX3ARVV5JYLdMfL47uVErM7bpycfqTPz5d_zJG3yO1hucOhG2CjkQMtckySVXJ2LW1dOOgF1B911wgwg_wEYzftUVc6z4rkDatQjV75SWrv4RE7UB86cMbGRjzrO1mBIGP5fj_6Qh3hCtLHFybyA0vlKQllWcyHbSQsdBai4kOnNLzGmHwxqEfYy7QZFIoPrq8Ie3Q44J9zZNzHa_mMkk5YfgoxEDmgRSfawhyZBmw2-TIyefWNfRhv-VpSMKYAaYv0XJg3rDHgNS_x9qpRi_Peyr_moHSuCfgmYtGpU-V5ct3YYZ9TKERAwGCek107fHVB0TN8kMryM59YaJJZC1rXll_w7LesDe153HhFOL1S06IJdhMLb7l55-kgKbTCX6ShteHQqzHB-oVbhdp-puIzh9fNHEQ8cmvIOTlwvd1k9xQ95t_3IcYEvxHOLDLo1JTxJ9ViEenRo1cNuvZbhxMWNoxBo_kv6hft2uwscGWx3HmeY1LCE2L1Ex0aOWNeLeMm_TFrB5tV6R1lIuZlOutBRNd5vbLKxpK61H1ZMh3MIfqrs-rOcyQwNgzmD3FI0RF2OfX-GnagUCdCFTJAkmmiciazzrNfNjUCp1dfU30gbIXCffvqX9yatvQwVsFWWn6jN_NHGVcTIdiYKVbVIabr0uzOhBiAI4HUclQwCBDcjGcKhXaAUp9-C_RKGjU4_IdcEF-GavkHkMCTFsMUWAEIcKE1v1FVqRc5FghNl28fHIdQES69awSXBg-MOOprA-8WQbbtR1j6RUdjQZpr5wUfrsgP-614C1cIm7n8kvbm-6JjU1b2zjNWbLejsIJ2MaE_jjN3WOkQAFKVnT71_xtje6rtRjUT-33_n-GcDRAk3F6WEWQF6pmNLvUo25aL3DMvDde3OStvaw&cid=CAQSPADICaaN-qJNU0j3VV3Hk8sEHfZ6EJLEhDtbLPLM4HbwNp4BL4-hGr_V1q6TU2IbT2UaqlPLC0nbiEw26hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ds=l&xdt=1&iif=1&cor=15125821121527538000&adk=792902355&idt=94&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:35:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F95E 31 KB
12 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 04:49:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F95E 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

OPTIONS
H/1.1 204
No Content updateOriginalUrl
sdk.truepush.com/api/v1/ Frame 0
0 186ms
186ms Preflight 103.231.212.226
CTRLS-AS-IN CtrlS

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.truepush.com/api/v1/updateOriginalUrl
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.212.226 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS: static-103-231-212-226.ctrls.in
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.gaflaquiz.xyz
Content-Length: 0
Date: Tue, 28 Nov 2023 12:36:49 GMT
Vary: Origin, Access-Control-Request-Headers
X-Powered-By: Express

POST updateOriginalUrl
sdk.truepush.com/api/v1/ 0
0

GET
H3 200 css
fonts.googleapis.com/ 6 KB
680 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:25:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:36:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4503 2 KB
434 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:17:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 12:36:49 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4503 10 KB
10 KB 72ms
25ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 933c66152fd3dfd879a49b9da75a5157b9a37afde1ee7e8474e6b81632d8f092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9891
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4503 9 KB
9 KB 76ms
26ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 6b0592c17dae6f17acb82625d235a0bc54165fa10269d0521d964882f5fabb04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4503 7 KB
7 KB 78ms
26ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 57dd6a980d3c8b433cb6c3539aac3498448de60beba2511fdf243ff4fe4e50c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7116
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 88D5 1 KB
645 B 23ms
21ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 09:25:15 GMT
etag: 48472445140208031
expires: Wed, 29 Nov 2023 09:25:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F95E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c06a0e413fe6a60629d8259dcc0cef98cfa1a472d87f699e9149c75aea8ed98e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F1C 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BPE3x4N5lZeWLDveU9fgP-LiQ-AYAAAAAOAHgBAI&bg=!CgmlCUbNAAZxrfrxUa07ADQBe5WfOJvEQSE9htKJXZJ3ZNzn9A9fxAqIL9uQ0DN_WDjYCYjtC2w2Y7YEn66iXYdFE9VKAgAAAS1SAAAAAWgBBwoAIVVFYMAXeeXgOjkwH8LvZrdvLiyhlOYUjIegltVIx2kGLpkC10itqqU5Qpae-d5AAu7y1ANd2VdjdPRpD5It9yvzvo9OzCwxBDLgxio950-QIzCKOHTCrx-XkdmAqPVstCFNxfxr5pSgVZy5Eawsw6vl6OTd2ymcCrB-GI7TX4754nZHmttU4YZftFn6KWAzxXHNrlWs12d42t6AVCDBrseIvEaX6L4SiebxcIpfrJ3PXXFWMkcluMovuZk2-iVbGNGeO5hcCnkYEwqo5BkYKr3G-FpTm_3fNHy_URa3_XwKedGDvGD9HCx6ehSaiaSCJy7vIgAtYNZYTzmsneFJJ_u6VACJkdBfztJrQSyi8QgloELNmCEB-ihpQxZCkPk7p8oSDvKAxsgw-TIEwIYH04cKxdhUKrR7SA7wK487dOiElLH_zxvtcDzHXR4XK2kSvZGi4cHqczfa0_flv5P5ZlmGJDRxZEFyJjqmsUl4xSlvF_vs6r9_V9DxF9gEGnApg-MBLf5qcILYYGMoetcZ6JN251D9wGaBQSeBhM6pY9u-8ZlnBbD3f4Z3W7bdex1W23W1MrsDlDeG4iWejx9zkBbOaVyamepQx4fcsbtEndxOSUmJJ7WB7Pl8MnqtA8uvcbf838qJX5GCLzURraqadT2JLP1zfBi56bR3vvm0RCfPGu6YSulNZ40Wskr9i6uXSOnnRiF3dhHG1WeyER-kcXT7QN62cbfkBZAFCtUE23gCyRIjqikuU5BUHhR6Ryp4J5fu4_LVgrfx19Yxgqx86BAqYNsCqw2lKFBOomDnSseseHCKkaJnMLA13txWdiC0xiBSM3ypp1V-jpggvJ5QFzTK_4boLcDndqksWvuv95faJWLj6nga0maiDiDZJxpcdrLOHkDIvwFhUsHC-auLNlLqXYkrIkISWy_z7tm6fYuZO3cYVBO7X411uA15HglPQTtfxZeTAcqZcrTFov-vjOGXDoZahN2TZ-ez9FskF4Oow6orTNR6LMmlH68

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJBWs,time:966,type:e,im:%7Bpci:%7Btdr:542%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:278,o:688,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B684~0%5D,as:%5B684~0.0%5D%7D%7D,%7Bsl:i,t:688,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B278~100%5D,as:%5B278~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:225,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:421%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK viewability Show response
hal90008.redintelligence.net/ Frame 4503 0
150 B 82ms
28ms Script
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/viewability?s=97448700089785004444550012522008&a=00abef82&vb=m
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90008.redintelligence.net/request_content.php?s=97448700089785004444550012522008&a=e5139f04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame F95E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523884/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-7094677798399606&ias_chanId=1&ias_placementId=20492285957&bidurl=https://www.gaflaquiz.xy...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0hHs3OXEdx9maOdVtznyVlT&ias_xappb=&adContainerId=brand_safety_4d5lZYTkIPX9x_APoMOE4Ac&cbFunctionName=goog_wrapCb_4d5lZYTkIPX9x_APoMOE4Ac&true_pb=

1 KB
1 KB

20ms
19ms

Script
application/javascript

2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0hHs3OXEdx9maOdVtznyVlT&ias_xappb=&adContainerId=brand_safety_4d5lZYTkIPX9x_APoMOE4Ac&cbFunctionName=goog_wrapCb_4d5lZYTkIPX9x_APoMOE4Ac&true_pb=
Requested by: Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:12 GMT
x-amz-version-id: c7hCKBSAcCMflhCpaP6Ul5S2_C_IzKH4
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 529898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:10 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: JeCfzAjUkroYRhJga_O2WSSzzi4wh5rHfgqamxD7rg5hQ2DsH0heFQ==

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0hHs3OXEdx9maOdVtznyVlT&ias_xappb=&adContainerId=brand_safety_4d5lZYTkIPX9x_APoMOE4Ac&cbFunctionName=goog_wrapCb_4d5lZYTkIPX9x_APoMOE4Ac&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6DFE 91 KB
23 KB 22ms
22ms Script
application/javascript 2600:9000:223f:5e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5920059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: b_EZxz9Rr1Bbf3QT-OeaaOKyFXevr0ECEArl8PfvYIY51ya7XFSS6Q==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1885 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBNVK4N5lZambHq_Hx_APgrKBmAMAAAAAOAHgBAI&bg=!oKOlo-zNAAZxrfrxUa07ADQBe5WfONn_qGz5wIObioZiobBQ8h5JhUKcUjcu6CnWRPh4O3KOeh2TixgXjVOTQpgJnCi8AgAAAVJSAAAAAmgBBwoAden9Lc-IJpqlaVlcHUeahxyJpjL76NadiJouKF7BLuvogPS5yDruHa1B6UO7csqq-3vmfuZ0yaEqUt4HCO9tfFIOq8cgdyoFGxRZEcqkseAzfTPL8qU6GoXaBUSpN_duIMdmeRDQgIh_Cpe9--tOVGGxbfVZuJkDBk_mmDiBNwShJGWQYnHKPLC3DDz9LO4Ypt1AxMZK0DZiwDvToRCtGWRClmOU4Q9xDH137LUXB2NptCfPv8TQw2A0W3OH0ERMpLcgaKRPOII9FRaA-a6fnalhwKbHhozCaqIJKfgCvu8WCZ9UtT97gmoN9P-1dL1SUdinAxRRn7vgsilckSBfdYm4kOybUsA1NrFaueaRvkt5g_pAhpdmJ7m67uLC_PvCAzCoGoyxXK3hguJjE8y5ljlPkpL2K5BtE92T3-zdJOMMTozwVQyYUAkVdtlOs92o_PAApUeB2iV1_KGfjdUHvNTUnrphYJ9Ut4ltXBaUGo1R0x6lMFQnx-JkFExWN4JbL2A4H7y8rZz8BmAqyHKZDB1dzq--aQxzheaI92L2ajKF5_9jF-WrsNP8mrd8T_AfAKWJTi49Xg_7xL_YjMXAB8dLSXWLIbZCvBLDMJKzMEjwzWg4jX9AMHY36W0Z9PuaoldrjmBBxRqaXlDb8AtBtuPLhQiLF-13TNJHTwkSO5WCXAurhiHtI2VPhaBqXsgo7_lxv4flx9Lhzhizp_aqKawNYfHMPHJnVLvhGwhiwHD12IdiTKRJKYLqC5mgEqLWAHB3macPbtrbD5h7cupBGRTigr1slnAU-9U89Igr9sC9WyqQBzd9nZgaaDUd2AzIQcUvdM45wcmOz6UonnlVvwIwfds4vyNGaYXE4pLaHeU6ePkSZLdR6QqttF3NzyjekP5TvYZHZHNVaYsiwjT2yal_Ae12hWugIFxXCQ3QNTn6fshiSjS3Ute0LnXMez3VQH2OaMqOwZefqqylEF-KMSeh5YkbTLs3sv-qYDu0EVTO6N_s1xT96zxSqPNkqcRfVlpYdh-61QQkpLTEhjWY1IXekT27Nkc-bEnaOUYrINQMcDEKcZrPilhSf0Hz-RacKaKXZ1arIoBR6GM4nwzkrCNCjMoIjXhj5Vl517OXu15m2-gx2jpwelyf4CFI0x0OOoUx3z9rjuZcaIMHBztcRFzjPKxBUkYoBlhTaYD4og

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88D5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENYwUdPcUujkMc_M-lEC1SU&google_cver=1&google_push=AXcoOmRdfm4lb9WU8cDxluAWF7afvWjKk-NDwLrnKHH5R1_K_kAKSNe3yWzV7itpfhjtDcfAKaMFuxSXB33G8gBUyEkLAALqzwE8Cg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9B951BEDDAE3400D9A575B01B93BC75B&google_push=AXcoOmRdfm4lb9WU8cDxluAWF7afvWjKk-NDwLrnKHH5R1_K_kAKSNe3yWzV7itpfhjtDcfAKaMFuxSXB33G8gB...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9B951BEDDAE3400D9A575B01B93BC75B&google_push=AXcoOmRdfm4lb9WU8cDxluAWF7afvWjKk-NDwLrnKHH5R1_K_kAKSNe3yWzV7itpfhjtDcfAKaMFuxSXB33G8gBUyEkLAALqzwE8Cg

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Nov 2023 12:36:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9B951BEDDAE3400D9A575B01B93BC75B&google_push=AXcoOmRdfm4lb9WU8cDxluAWF7afvWjKk-NDwLrnKHH5R1_K_kAKSNe3yWzV7itpfhjtDcfAKaMFuxSXB33G8gBUyEkLAALqzwE8Cg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 27 Nov 2023 12:36:49 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 88D5 43 B
146 B 70ms
22ms Image
image/gif 52.28.119.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJMyo7Yh8rsblmmJtovZCGo&google_cver=1&google_push=AXcoOmQaYO5PLXGnQxYDlW51sy1wl6a5Kc5hIiyxxQBzPKcr81G2NgiAs0gIQdcmRumUMK6jtbJOUWuYkPY-FurGtn5NaCQKXb3QrQ
Requested by: Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.119.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-119-39.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88D5
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEPcBsCtrRWYT4PruNkvpzJM&google_cver=1&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEPcBsCtrRWYT4PruNkvpzJM&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5vxu31q2RPzRNXgPtg&google_hm=ZkVDdms1VmFFMW5PdX...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5vxu31q2RPzRNXgPtg&google_hm=ZkVDdms1VmFFMW5PdXJ5eTIxOEc=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 12:36:50 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTsEDLHhxrGy3DS8VTaOJuq8OI1zyhMWbXSyhHSfzPw0rpecODr6rNCJJJO4zLusAvm9qsacLtxpSvi5vxu31q2RPzRNXgPtg&google_hm=ZkVDdms1VmFFMW5PdXJ5eTIxOEc=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88D5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEK9XDooz_Ik3u3LmhYYv-74&google_cver=1&google_push=AXcoOmQ16xG3iPBUf9uUNGPnpvdMD_5jj3nBSOnva_p4dPEhOe_FE4owN_XuCfxZno2MvBi8dM2J6Bj_uOZ5Qvp...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jPVAtuxBXqdgv7R-IW1litly2hY&google_push=AXcoOmQ16xG3iPBUf9uUNGPnpvdMD_5jj3nBSOnva_p4dPEhOe_FE4owN_XuCfxZno2MvBi8dM2J6Bj_uOZ5Qv...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jPVAtuxBXqdgv7R-IW1litly2hY&google_push=AXcoOmQ16xG3iPBUf9uUNGPnpvdMD_5jj3nBSOnva_p4dPEhOe_FE4owN_XuCfxZno2MvBi8dM2J6Bj_uOZ5QvpPY_uvPQHk_6C4EQ

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=jPVAtuxBXqdgv7R-IW1litly2hY&google_push=AXcoOmQ16xG3iPBUf9uUNGPnpvdMD_5jj3nBSOnva_p4dPEhOe_FE4owN_XuCfxZno2MvBi8dM2J6Bj_uOZ5QvpPY_uvPQHk_6C4EQ
Date: Tue, 28 Nov 2023 12:36:50 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88D5
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL65RX6CleMzhSfiqCKXjlE&google_cver=1&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiB...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEL65RX6CleMzhSfiqCKXjlE&google_cver=1&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiB...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiBFdqFRLgxZgE2Q&google_hm=Hu1UpGZHoURS1rMuTYa-...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiBFdqFRLgxZgE2Q&google_hm=Hu1UpGZHoURS1rMuTYa-cNOn

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 28 Nov 2023 12:36:49 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTqqm_BLnV0JPuD975f7uaGG0b2rLUiaHtYp77vIVxXs7K86qSmjiB22t-4aL0Zq-ZlLQl-ircGZ0PIeZPiBFdqFRLgxZgE2Q&google_hm=Hu1UpGZHoURS1rMuTYa-cNOn
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 88D5
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ1MMN8sI2JrfS3km6yy500&google_cver=1&google_push=AXcoOmRT-BvXph1ymJoGfkmVr2aJ7VsioDQ76F3qHRclAg3Cd2gvQxo_muYf-mvmwmfwRmXA3XsofGzSvKB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRT-BvXph1ymJoGfkmVr2aJ7VsioDQ76F3qHRclAg3Cd2gvQxo_muYf-mvmwmfwRmXA3XsofGzSvKBuobD_mkHkZrwAGTmooyk
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

20ms
20ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dot.gif
s0.2mdn.net/ Frame 88D5
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEM7-6BAPKNoPrDTEP9rE2ZY&google_cver=1&google_push=AXcoOmSc7W1vON3BRsfA-lnY-Wo-of7cMh3eQRCLVe5qAP4ClqMqpNQgw22TNkh3kLBV_zWeo7DwSm8zaDprTG01qEUq...
https://sync.gonet-ads.com/match/google?google_gid=CAESEM7-6BAPKNoPrDTEP9rE2ZY&google_cver=1&google_push=AXcoOmSc7W1vON3BRsfA-lnY-Wo-of7cMh3eQRCLVe5qAP4ClqMqpNQgw22TNkh3kLBV_zWeo7DwSm8zaDprTG01qEUq...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDk5OGU1NDlhYjc1Yjc2Zg&google_push=AXcoOmSc7W1vON3BRsfA-lnY-Wo-of7cMh3eQRCLVe5qAP4ClqMqpNQgw22TNkh3kLBV_zWeo7DwSm8zaDprTG01qEUq3gX...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NDk5OGU1NDlhYjc1Yjc2Zg&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
72 B

20ms
20ms

Image
image/gif

2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:42:26 GMT
x-content-type-options: nosniff
age: 53664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Nov 2023 21:42:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 88D5 0
12 B 30ms
29ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYps9N9x1XGJitHwiZ4_X7VLEvJ0QjgKMv9tXuhK-52_9HxFxMYV2Vg5ODQnR4yup5Of6mb4w

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE29 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_udp4N5lZb7xIK_H1PIP65eBqA8AAAAAOAHgBAI&bg=!bm2lbSLNAAZxrfrxUa07ADQBe5WfOBils-Wi14uUkgTXn9vSFVvhR5sn9N0Dq5wgMph1hq04kgbVDLar_AHYG2o_zVDrAgAAAUZSAAAAAWgBBwoANYSY090Kw4sPM2EPTnOPu78gFO6CbOvtaUSNEv58P3Cyq2GMhcvrv-Ebo3RQx0svUQ_CtVxzmQMW7jv-yZcB3N_3exT9msdE-ufFI6YXkdEKpKgtDUQdUW6HbFya1JLpm_PRRdsY-KXD61EmjIbjvh5wFBy2fYtftS0zicdwYfThXfvrWDBe2ABKx20t8Dgn9GUttAnPYAlBVB8Mm9QAQktqssF8NRD8ZtZw1Oa72a62ph_MsVh97r_nj5q9BfyJKA72qQEbjTer0lFmlEfymdAxIjQn8AKJPMM92V41eejaKBc6VmL9ojJS1CrquWLLo5avuc-Ysd62NrE6yVG--1AQzYYAHzIdnjc8eLDg8sqjTCFt8SQIK-AnR0XJCHbHNnMQeIhLjpjlEOIISi4HnItjOQOFVJUIdvro6dtOFiTkWpKE1zxC28R-sPGvOJiwCcVY2ieak0mo8g70KlC0vEeZXMyOr0yjmWkzkicHrWIUuOJy0MGO0DKKTHsErzQBUw5dKpbhT-Fu2y8YDAOOFZupvVcFwBjrEPbUKruprGS3Qxw-dzOUqJwIkLBPo7_Zc8JNid0TfBGmse13r_6bzqVa72ZYlfPAkQQtVB7EQfusGaWvKTtHK4A5_mv0gEnsKh-NAJoTNUjP4cuE4yk6ytQze0qhFYQob422T1VneVbn9C29vdNZ3E8N-o8efD0TiJ-weIJC68EXyEigQoPt8XqSrIU6fI_fF-IrZittwtL4qnR5tIyQs4FxGtfvAdotrLjO2cJNmbYXypu4nVIqn8j7ozQCEFq0YeYqXPuS5U8-vtQWZxvup2ghYvIY9aRZq5BAHGmR59zlChyvh8lVGNMf9QIPFHzyfVKhWVLKFmBaahGi1SfQaSZ0AmM52Auy8mMRyOto2IJ5zvuPNtJdaqOTv9Y0_l0-mxv_5YBZqjy6dq1dRcN3joCdIhhOYeSKpNUUKytHF41pLi7-z_NweGxsKoQ-5Q6GdEocL_pgl-zrBpWKQhjfcDCCbperCPRpO6wSS5LsTse1GNMeovKXo219xd2-6TCYWUXojHosBciTa4IAOPswVz6YjPwfB_56Ho4IpHIM0ynb2r7scYU0xi0zZ9myHUgaCEhN90dp9Q

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 564F 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 245918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656
adservice.google.com/ddm/fls/z/ Frame 77B2 42 B
401 B 125ms
58ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CO73nOHa5oIDFepSkQUdlLQJqw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4025007127999.656?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJBXk,pingTime:-3,time:53,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkYpn+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&br=c
Requested by: Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJBXk,pingTime:-6,time:53,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkYpn+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C1811%7C1812%7C1813%7C1814%7C1911%7C1912%7C1913%7C1914%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:0,renddet:svg.us,siq:21%7D&tpiLookup=ao:www.gaflaquiz.xyz*&br=c
Requested by: Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8873050794531264236/ Frame 67EA 6 KB
2 KB 21ms
21ms Document
text/html 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccfe2dacabb31d8c37f0ea1e035b217fe04d7d1c79367b674e7009dd0361863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 45150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1868
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 00:04:19 GMT
expires: Wed, 27 Nov 2024 00:04:19 GMT
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F95E 0
0 71ms
71ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssElFyt4pxkUH_bM6LT-MU1hYDQgyVLsXaMo01zNObVqrwaHQdXVnWZLpoR7h7Mtttl1m6iYRGEBsSOkMtLGzhpJvYkNveO48sZUEkzAIYjbMo7SJLBm0omrDSWLwUrlpng7GC9beJPs68MTY33vX4ayw6ndX7pxfbY6xEL8pRuIFWKPK3YHjs-R8EbxPInG4pQHVvPqv6nVUcI-FwKSersZ5vYwIR5tMb8MWL49dVfjt3KUlbOJueEK4rVaKdOFatpc2U8ez9scw8bRw6C27t6K2AQngsBTvIYZ5jYoOS-g-J74wZKSv5Mop-ueksrKG9aACjUFwvV9s7Ym5TLeEwmVgzCwwWNolukYSlmLstxTD0Ymcc6n3Es38_TFG6TrtjOyWNlCanZYua41DAX9nmTYF2iPLENk3YV_g3mQ8tg3gCK7rnVBnQAzM59eu4DaF3omR3Ekd-HBaeLfFJLjEtgbZL4vf49JAHCa08agcDSVRV1Wht-knmVMBf5OB2WzxPNes7GRThpxhWpuNXcjMMAb0ldinRHIEYbvLWpZNqFCZwNErT1PLiCENUEPu8UYEuQBiP4wcirLgepHKM-HL_Jb-ifNv-qXRUm40vDQvCLFNLCLLgn1xWp65JXg9VAvnv7a6lmm3xslDKbaVoO9ql2E4DJ-NzI4V4WkphOzBf6bDhPalNXx6huPLZiWB7q_sHv6copsGEs16hpC07Q0IfcFCIJSPajliQUuPLZwypVhpKYccPu8iDXuEEqA-E_M8dOfBDrViAHUB4e74mdnRJ7f_ntbut2CjF0h2d7Q7qAh7Vk0c-8K_xOr2JI2cJaVSC3Jg0_PYO72S0KhbboX7baVlGE2MlupfA4CIQZChi3ncAlOYifn4xbhfINJb2F_NkidCUscO_3NPaTcVhUEGTQ8Q6Lgbq1N9mbbx3NvTqiREjc43wOMv2DgIEOMtojxQwTDRz4zOpF_rof2DZCBec55nZLlKkC1D5BRtuRul8jHdxHhKWfC6R1pcsoOXhUYFd5MyI3x6jB7NoSaCBJNo-E2RQNBfl4j0JW7YU8okB7LKY51tn3B_D_dgyn0n_uxFggVjZD0GW7pBkwV-fqinPx2IGxQiMH17t8n654DXJ_2BOvrB-CV5y7rMYY1Z-kOiD78QlSWpjrlylTPkSEhgZO5MhyJZXtgzK2CVYDteHG_Ix268Awm10zUX4dfuZwv1TGi9huiOFf7-4WQKZuFJkKV6wmdS-Yd2JeoOOXMZoKPuZaaSVNx99uSY_xiSwGZEsNBlgdtszWOyUJ-mBlJamDMJpL-HsoEYUO5dlzfsR3HqLl3y1clSpW33gV8CL2DoreMKY&sai=AMfl-YSk9XhNVUI9q0VwHqisCZsLx6vZpfH4BCTfXAnkpaDCIHu18yOCqw2SeBaHyEhxFbQWt8J1zRBMaq6DukBNtCQK6R5D6bUGCflGQ3D8fAVrH64WKUmEaRww7G-AZth-F1KDYAw9ySX4N7WOhNTSHEolC59nK3_AzNqz3u-W9va9Jobb2JXozMTLEyppvf00Ajrw3Zvu89fRn6w4l_BJgGcgw_Z50VXBkSHikHFYZMmdqUpNXY2KKBJ7ldcCPt5A3mJ4dE4&sig=Cg0ArKJSzHQb92tbL_07EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=178&cisv=r20231109.21289&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DDD 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlZTF4N5lZa7xH52ejuwPvPu32AsAAAAAOAHgBAI&bg=!39yl3JPNAAZxrfrxUa07ADQBe5WfOKoJb89r6TD8q6rPwd6qIEr9Lmp03g9eA_5ENbRk3a_cyutC_p0r4aX3kGtosXvoAgAAAR1SAAAAAmgBB5kC5csOTBNIR88hdur4-VdsLygHDzs-CzZf747D2Bm9pI-67D0RSGKhONFdaGD3FBYdjkIjSvR80aQ647eEr1v5ov14pnuVo-hxGPAxtHh8uKgeo_CphbOxYZipnggubVv5D14HjpkYMbtl8tO-E_HoBsJRyGj74yjsOatt6MXro-UPLNazaD-9xUvnfAOz7y_nUBEtiSwszOZZsbTLCPoKPlqItcZiBlKn1A6EoNf-0WdOmuTPmhkQMvFlflhUdVNcBrfdHi-ufW709RupLxAPwikJHSCVwUwY4fLDXdkqGrJ_72V9ozhU1QriETX5DjrlWIEQuYTIbl57VIvipJzQt-74HMu5Bh4bIHd2Vbjvl-PbD3I_7vballQiliycMgwG9no489oGpNor9E9YrjQ6_hwAv8eajn3bnhtuXZcoW6iTBhuHFPtWeXaRyPCqEkLpkw4vvdKhMRoHhUH5azg260KnQ-GMEI4EB-Ipvix__kPKbl2T0omv0wrNMjGbP_BwIqORywiaoLazuaxn2lrtT21MMmlIRGGSqYeWmkkS_yX7hafK7vQJRU2O966b0Z-KcJ_ifGb9PpuX929fB6wTaqJmg9G1OxCSqx75_ohf0cMZNsBIvGGvolDEy3Dh7PkghGwJb76fa_UjNiDEYIO0JgIf3guWYjpbMfsG_nrCd9A91wtkD_PBcJUO08pP8stR7EB2oUDgDLzdV1OioyrBzSP2zIImVE9fKN7zNAY6cc6O3TmFmqVUgFX-WXptIclODlzAa5-39YgQ0qMalb6U3VN68xPRWLypkGnAEshuJThZgNt5IoLq3R03MvtkiEmABIfDmDLXsee4gpQdJqtsSrnkQKpdlzIyOMY3IF7ws5KFMrUIFTYHVVCgi5Ayjsi6Uqg5BiTGAjb3X3mLvynpgIFh4xWzUdS2tjLKVMCLaU89xEIE2RiN_YkDwZpJHRWZ3ID7o30bI7jO2dJm-xLqdLkNiqNjVw

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2796 53 KB
19 KB 108ms
22ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=97448700089785004444550012522008&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 16:26:49 GMT
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 72601
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2t2vEMJ9Gc-cl-TU8h3GXV3y3e_gTR4sG8hqLL10ipBU9-F4x2E6OQ==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 2796 85 B
436 B 83ms
23ms Image
image/gif 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1701175309&Signature=BOwZ9CjrfTN3Dm1n0Y3zSeT0iHqF-y-pKHdd-mDYUMn1GKKhks7RvLyczoNCMh73gIgoCZTIUi5KErRy-rV-9~AXnDacawTAn9dzGNGAS59~AgPy92yJT-cyD4T~hB1Uu3CH7BJYvGdz~ya5K5JcV5aEdfVE2OEo~JKiTJfTElHCv3WA~Y53LK7nf~M7Ic9EYxJi1JgUL0tRpuJ8vD6lhOVg72H~O1~Qu31dlAza5mMiD7f1YEYlMkN5MGk46S-00WxqxpjisryayndtMGA72H4MUTN2MAJIsOV4TdWjqe1rbvsPoE0E0WYSH4Lv6mYqsBOv0Hwy6q92siRBX0WqBw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=90&slotname=7951882379&adk=4164559049&adf=1839787983&pi=t.ma~as.7951882379&w=728&lmt=1701175007&format=728x90&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007196&bpp=3&bdt=328&idt=184&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=8115316249199&frm=20&pv=2&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CenEr%7C&abl=CS&pfx=0&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 27 Nov 2023 14:20:40 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 80170
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: nRKj2JGokcqEM4bK26XZY624MRuJpl6fC4BbhDK9Z9w9WhA4VphSlw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 178ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJBXx,pingTime:-2,time:66,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:596,beZ:599,mfA:601,cmA:602,inA:602,inZ:604,prA:605,prZ:613,si:617,poA:617,poZ:632,cmZ:632,mfZ:632,loA:650,loZ:651,ltA:662,ltZ:662%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWUkY1M+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191.1627455-73523873%7C1911%7C1912%7C1913%7C1914%7C1a.1474271-76103297%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:21,sinceFw:44,readyFired:true%7D&br=c
Requested by: Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJBXz,time:939,type:e,im:%7Bpci:%7Btdr:550%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:314,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B621~0%5D,as:%5B621~0.0%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B314~100%5D,as:%5B314~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:225,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:373%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:49 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 564F 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8873050794531264236/css/ Frame 67EA 6 KB
2 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddfef1883718681942a3416dafc4bcf4f0e306d3b41e779b3912b6ddeaab4e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1941
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:19 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 67EA 70 KB
25 KB 31ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1654957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii4sbKsS%2FOOlm0mJD1%2BfCNlvVfIHFkF5bRsnz%2Bvrf4XhaXIsVEfQ4kxNow7u5B9%2BfAZeBwuvZe4idcp4X2kvJeBdcriTAxRReP9ocgscjNIZvXCY2H3SNikcj3eclBZeZQEpkMXZCAmOhFtJ2BJO8uyx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d2a8a3ab5b9b8f-FRA
expires: Sun, 17 Nov 2024 12:36:49 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 67EA 7 KB
4 KB 29ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd7ViRkM4GbYbNb%2BatIhCoTRipkJ%2FH3wFXO75L%2BhCoRSi2z7ESZSOEf2e7Bg5X%2FDdLtfbY2QVeaXi%2FsVHHmDXGMzsNmVnCJr99YgAznivMDYGjFJZEQgJA4k0wtPdT3W8Fmg4Y%2B0PdUuPmTh8VQY2Gfl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d2a8a3ab5d9b8f-FRA
expires: Sun, 17 Nov 2024 12:36:49 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:03:57 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 2 KB
806 B 23ms
23ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:38:43 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 429 B
355 B 23ms
21ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:38:43 GMT

GET
H3 200 dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 25 KB
8 KB 20ms
20ms Image
image/svg+xml 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/dyson-v15s-submarine.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:38:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8356
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:38:43 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 36 KB
36 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1ae783e570bbddc7985c4fd7a6a9d3dd698a5989b6b2ca8aa0c7eb1b37e411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:38:43 GMT
x-content-type-options: nosniff
age: 327486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37259
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:38:43 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 38 KB
38 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f67a2f74d6947813ce0fb33b888e74591079ab75d95a7dd1b581f3b863e8465d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:03:57 GMT
x-content-type-options: nosniff
age: 329572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39020
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:03:57 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 9 KB
9 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cb379880cd9aa9e2d4c2499037469450ac8cefc07de4907dd928782ad1051cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 19:45:11 GMT
x-content-type-options: nosniff
age: 60698
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9596
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 19:45:11 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 21 KB
21 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6edf2641b7ceef04b0d11554630bf01346d52bf9841f43b981601083d0f587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:38:43 GMT
x-content-type-options: nosniff
age: 327486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21952
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:38:43 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/8873050794531264236/script/ Frame 67EA 4 KB
989 B 24ms
24ms Script
application/x-javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f0f703fbc39f74414c414357cd77d8f1e7c208a8d5380f1cf98d5768429b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45149
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 952
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Nov 2024 00:04:20 GMT

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame 67EA 8 KB
8 KB 23ms
21ms Font
font/woff 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:02:40 GMT
x-content-type-options: nosniff
age: 441249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Nov 2024 10:02:40 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJBYR,time:1079,type:e,im:%7Bpci:%7Btdr:1003%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1079,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1075~0%5D,as:%5B1075~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:236,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C191.1627455-73523873%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:11,sis:390%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F95E 0
0 60ms
60ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssElFyt4pxkUH_bM6LT-MU1hYDQgyVLsXaMo01zNObVqrwaHQdXVnWZLpoR7h7Mtttl1m6iYRGEBsSOkMtLGzhpJvYkNveO48sZUEkzAIYjbMo7SJLBm0omrDSWLwUrlpng7GC9beJPs68MTY33vX4ayw6ndX7pxfbY6xEL8pRuIFWKPK3YHjs-R8EbxPInG4pQHVvPqv6nVUcI-FwKSersZ5vYwIR5tMb8MWL49dVfjt3KUlbOJueEK4rVaKdOFatpc2U8ez9scw8bRw6C27t6K2AQngsBTvIYZ5jYoOS-g-J74wZKSv5Mop-ueksrKG9aACjUFwvV9s7Ym5TLeEwmVgzCwwWNolukYSlmLstxTD0Ymcc6n3Es38_TFG6TrtjOyWNlCanZYua41DAX9nmTYF2iPLENk3YV_g3mQ8tg3gCK7rnVBnQAzM59eu4DaF3omR3Ekd-HBaeLfFJLjEtgbZL4vf49JAHCa08agcDSVRV1Wht-knmVMBf5OB2WzxPNes7GRThpxhWpuNXcjMMAb0ldinRHIEYbvLWpZNqFCZwNErT1PLiCENUEPu8UYEuQBiP4wcirLgepHKM-HL_Jb-ifNv-qXRUm40vDQvCLFNLCLLgn1xWp65JXg9VAvnv7a6lmm3xslDKbaVoO9ql2E4DJ-NzI4V4WkphOzBf6bDhPalNXx6huPLZiWB7q_sHv6copsGEs16hpC07Q0IfcFCIJSPajliQUuPLZwypVhpKYccPu8iDXuEEqA-E_M8dOfBDrViAHUB4e74mdnRJ7f_ntbut2CjF0h2d7Q7qAh7Vk0c-8K_xOr2JI2cJaVSC3Jg0_PYO72S0KhbboX7baVlGE2MlupfA4CIQZChi3ncAlOYifn4xbhfINJb2F_NkidCUscO_3NPaTcVhUEGTQ8Q6Lgbq1N9mbbx3NvTqiREjc43wOMv2DgIEOMtojxQwTDRz4zOpF_rof2DZCBec55nZLlKkC1D5BRtuRul8jHdxHhKWfC6R1pcsoOXhUYFd5MyI3x6jB7NoSaCBJNo-E2RQNBfl4j0JW7YU8okB7LKY51tn3B_D_dgyn0n_uxFggVjZD0GW7pBkwV-fqinPx2IGxQiMH17t8n654DXJ_2BOvrB-CV5y7rMYY1Z-kOiD78QlSWpjrlylTPkSEhgZO5MhyJZXtgzK2CVYDteHG_Ix268Awm10zUX4dfuZwv1TGi9huiOFf7-4WQKZuFJkKV6wmdS-Yd2JeoOOXMZoKPuZaaSVNx99uSY_xiSwGZEsNBlgdtszWOyUJ-mBlJamDMJpL-HsoEYUO5dlzfsR3HqLl3y1clSpW33gV8CL2DoreMKY&sai=AMfl-YSk9XhNVUI9q0VwHqisCZsLx6vZpfH4BCTfXAnkpaDCIHu18yOCqw2SeBaHyEhxFbQWt8J1zRBMaq6DukBNtCQK6R5D6bUGCflGQ3D8fAVrH64WKUmEaRww7G-AZth-F1KDYAw9ySX4N7WOhNTSHEolC59nK3_AzNqz3u-W9va9Jobb2JXozMTLEyppvf00Ajrw3Zvu89fRn6w4l_BJgGcgw_Z50VXBkSHikHFYZMmdqUpNXY2KKBJ7ldcCPt5A3mJ4dE4&sig=Cg0ArKJSzHQb92tbL_07EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=283&vt=11&dtpt=104&dett=3&cstd=178&cisv=r20231109.21289&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564F 0
24 B 56ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIKSi4d5lZYTkIPX9x_APoMOE4AcAAAAAOAHgBAI&bg=!z8ylzIPNAAZxrfrxUa07ADQBe5WfOFlwpw2Gje3N6-LaJcmjJYc7cMnrCDlG0WZL0LWmFmQB0Z7-z9K5JYq-6_pBfPilAgAAAE5SAAAAAmgBB5kDAmzh5GcVtMtVBg1uvrgdTlwITLPN7wrligMNc5e86oBGY-wUi0xnDnitf0UBKOUMwauxodzM5yYJEm-3aEqJ59Cw7qgGojbG9AZr_LVHDnG94piSOQAoKNYFDAlki6oUQxf_WjIN7U5rtkR8w46HhuP0ZBSJc7x1ldA9TVVcSp3p2N3NtdpnYApNQnvBsr_v51PTJzLEcMSkZp6tkdZoRAl0H5avRldG-V08MxY4VrnE49vjRO2m39nda65jT1Ae9XimDaHm7Rumeeq1Ph55NOlRWk7AU4rLPAkZ-jVJnoxfU2ngi_xMzIX53UPuNtnJ_O7SZCt3C8inMCZJFChl-bU-QlIdGbGJ2QNlsiiEypj_lKOtZal2l3szNeQQ1J631zEQgXPTqmKGVEZA_5K2qrSg1KDYwlr-Q4pRO3huUZBteEMzgQowfPiVKbgpgD8BFo5InVK6EWshYZf1V0Zt4gDGwNPQWHPlQgG4iEm5Mt0oyjESGCmRKqOwrwUk7UIERgBwQ3u2Z7OZWupzTqlTVPj75crdafx5ogMxBYdc5W2_FMghQlgOEIzxb9JMoXF7jXS0cDpDKh4sefxdCkZfrOGTguZPJqv5-ckwhiOUk3LdSrM2wi9pXc6c4bfKIbczVtOPpCfWQhVGQm95WfMQ6NKMldCayLPzdg43kRENcOowbnTK4GPJgdsfFOY1yernmK2jimQHDbB2V2LZEnarFlSZg13akUipecl6-axKF4vCIkCK1wJc3ZxTDCqwutOhcPVLzK4I59ejf8TOYbnl8QQ532uPnNUkLyEY4wGY4aaH1ES9mSYyHXpUmC9119aF7s5Vkw4kwETWAv4xakGnm7nbvPpnMbH1tOEdmvMy-tbr2L3A8RpwVJraSrCXYNa-4RbejHXF-2bfXPtE2DDG-L7M51LsCvFj3d58EbeBHQYrSBTDLI-wGXK8Crh2F_2VpBT5ETFgOZHuaeiWR_ekJzVz1rPV9MjuyQvIsaLb5Abba9vGgb23Ii4v-FQ8S_HTw3Kh

Requested by

Host: 8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
URL: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 35ms
35ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231128-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Nov 2023 12:36:50 GMT
x-amz-request-id: W0R5QX74Q2PBN68B
age: 1164
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: lRET2IwXjaFSp1i3BB9GjPtIDVCIcc4VElrKEqBeVbmOXvFNBRdOilZaej53L9vIVa/7JXMdEcU=
x-served-by: cache-cph2320052-CPH
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1701175010.153123,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 20
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1107

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FE2C 0
24 B 54ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1051385107240&version=m202309260101&ct=76&x=1&cor=12378267314779064000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
125 B 48ms
41ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: cache-cph2320058-CPH
date: Tue, 28 Nov 2023 12:36:50 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJC3n,pingTime:-10,time:1299,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701175008792%7C%7C99f527afb30df84d52783fd956c7cdab%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C64ff74422267b566642ea8eb9ee0a82c%7C%7C8466b5d49b0b1d1b2f7b39c7988b8e54%7C%7C36865364e5ce9ac14aba006361163a24%7C%7Cf6a51161699e146d14202eaa7ac8bbce%7C%7Cef13dbfa7930f5054f5b4ea11622f03c%7C%7C1663701684,sca:%7Bspg:c8985277-ad2d-bbc1-e794-f48fee1f98d1%7D%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 355ms
113ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Nov 2023 12:36:50 GMT
cache-control: no-store
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBBD 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumpeZgHmm3b06og_5cWUCaDnc5op4niknqe5MldIZ1t4kwVzWOhc3r-OVnl3r9Cqq02B5dwdj9O4dIsrOGC4gB7n-V8L-7g0HPu6J1ynjgQYtoD4LFKmM0q2_c42x2LvHBu3yxnkSxTsx0&sai=AMfl-YSMdjljD_avXFh7T9Ay7gJQzTAICXPLYhXIBprmOiHBNlAjdvsQhKvJZXejBeSCySySBoZkR2s4G2Zki4rKrRiZwQFdHrpQzj4NbLlTeFEg55vjmBeZbMSusOqKyq1tdxRzud73kT_lIXQDwNVOfQ&sig=Cg0ArKJSzILPUAteHccmEAE&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175008221&rpt=1080&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJC5k,time:549,type:e,im:%7Bpci:%7Btdr:503%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:549,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B542~0%5D,as:%5B69~0.0,473~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tWUkY1M+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191.1627455-73523873%7C1911%7C1912%7C1913%7C1914%7C1a.1474271-76103297%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:130%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 94ms
42ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 28 Nov 2023 12:36:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B222 0
24 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3644458542965&version=m202309260101&ct=76&x=1&cor=5481335514928095000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 185ms
184ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJC6J,pingTime:-10,time:1603,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701175008792%7C%7C99f527afb30df84d52783fd956c7cdab%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C64ff74422267b566642ea8eb9ee0a82c%7C%7C8466b5d49b0b1d1b2f7b39c7988b8e54%7C%7C36865364e5ce9ac14aba006361163a24%7C%7Cf6a51161699e146d14202eaa7ac8bbce%7C%7Cef13dbfa7930f5054f5b4ea11622f03c%7C%7C1663701684,sca:%7Bspg:c8985277-ad2d-bbc1-e794-f48fee1f98d1%7D%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC18 0
24 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5811723281551&version=m202309260101&ct=76&x=1&cor=8484764451639637000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/ 215 KB
67 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/63e90c30/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 11:55:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68238
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 02:45:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 27 Nov 2024 11:55:18 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B222 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKCn6FMNcSJnMBjduHn5Gs8v6H-CzpkiGerWDUqIhgmfOwxg46U7zuUPcUK-8bseaTSZPPxmwwe-NF6aZwnn8r7rFqhgOpTjxMOH2auaVsUcOTCdC2a_a_4sl-nlDjuuawkbbk9fjQqYwq&sai=AMfl-YTgPVrrcPBvax8HxvsJVKE05C_RMHOdU5qwnc1w67lBfak2fnyh1PSuNlJiue8gx8jATt-EOP88L-QYeLZgZBIWmaa4xblqhV29HzJQofoczZn9Lo33HAMKtEd6s9fCBHyEvzVDLWG3LwdrypEHpQ&sig=Cg0ArKJSzNgIY08dllkEEAE&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&id=lidar2&mcvt=1061&p=0,0,600,160&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175008268&rpt=404&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJC96,pingTime:1,time:1750,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:688%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1062,o:688,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B684~0%5D,as:%5B684~0.0%5D%7D%7D,%7Bsl:i,t:688,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1062~100%5D,as:%5B1062~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:187,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:421%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJC96,pingTime:1,time:1750,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:688%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1062,o:688,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B684~0%5D,as:%5B684~0.0%5D%7D%7D,%7Bsl:i,t:688,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1062~100%5D,as:%5B1062~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:187,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:421%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC18 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssk9x1FcHGwNVqAXwjoMTmJvagVtOG8q2zDv1-bc5EquO1wC9DuGM6E2ZHKfJPYGml21d_j5OJ4PxAVB6Lmm4Gec9A9yAP76LMYBWIXd48MCrW8pCsmYrempuj227t0GgUqbeOlKs10R1aC&sai=AMfl-YQVsnAeCvOMcpOgrU9MxTfdiyOnyDpo3LeMHgzIJgB4y1WTcdgt-ORHgR6a0tQVqSJpahejWcbisyjn8Ask9V1orFtnPKoSzFaZjkJY2LicKAqi0hslwPoeqX-tRqMbZs-ZhLsWiLueZVvPpLXoTQ&sig=Cg0ArKJSzOuAWpoZzYb7EAE&cid=CAQSTwDICaaN0Lk8ba4rQ5nRuTpIGAHjy05L0WMPKR-lLRQNBhVr7jtT0oGjAbAuzag-Cp4iSIzjYpUC7seVIMAUGNXFQTtxtwNnHQ1OyE0mI3gYAQ&id=lidar2&mcvt=1035&p=0,0,600,160&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175008278&rpt=448&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJC9d,pingTime:1,time:1661,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1036,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B621~0%5D,as:%5B621~0.0%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:191,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:373%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJC9d,pingTime:1,time:1661,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1036,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B621~0%5D,as:%5B621~0.0%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:191,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:373%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBBD 0
24 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7472349828017&version=m202309260101&ct=76&x=1&cor=15279612539341615000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2796 16 B
209 B 78ms
77ms Fetch
application/json 18.134.20.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.20.61 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-134-20-61.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 121ms
34ms Preflight 18.134.20.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.20.61 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-20-61.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx

GET
H2 200 168491495489646dc30ad2e0d.png
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/thumbnails/ 96 KB
97 KB 338ms
107ms Image
image/png 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/thumbnails/168491495489646dc30ad2e0d.png
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: ae7ba12f368e82e80bfc013f9c7b4b6c64a6a7ec1619d48befbe5320c33ae478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:50 GMT
last-modified: Wed, 24 May 2023 07:56:00 GMT
server: openresty/1.21.4.1
etag: "646dc310-181f7"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98807
expires: Wed, 27 Nov 2024 12:36:50 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.m3u8
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 318ms
105ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.m3u8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:50 GMT
expires: Wed, 27 Nov 2024 12:36:50 GMT
server: openresty/1.21.4.1

GET
H2 200 168491495489646dc30ad2e0d.m3u8 Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 48 KB
8 KB 106ms
106ms XHR
application/vnd.apple.mpegurl 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: 14364bf98604fb074fa18a57fd2bfe2c7623ef16f3bbb575a80c80de76f8f54a

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:51 GMT
content-encoding: gzip
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: W/"646dc3ee-be75"
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 12:36:51 GMT

GET
BLOB 200
OK 53734de0-9fcb-4a2a-9dbd-27523ab16b13
https://www.gaflaquiz.xyz/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gaflaquiz.xyz/53734de0-9fcb-4a2a-9dbd-27523ab16b13
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38404e9bc23d0d853a8e26a1d578490460850b68bdc3701ce06ed20467bbfc92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 4972
Content-Type: application/javascript

GET
BLOB 200
OK 8372e046-b36e-4e62-82c3-4751dec4cad4
https://www.gaflaquiz.xyz/ 83 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gaflaquiz.xyz/8372e046-b36e-4e62-82c3-4751dec4cad4
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b394c28b11e5ba1d0e8071b5cbc27cb04bff215fc9e3c01b5301116712d47890

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 85313
Content-Type: application/javascript

GET
BLOB 200
OK f565184e-3952-4c4d-91b1-99df3ae3988c
https://www.gaflaquiz.xyz/ 83 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gaflaquiz.xyz/f565184e-3952-4c4d-91b1-99df3ae3988c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b394c28b11e5ba1d0e8071b5cbc27cb04bff215fc9e3c01b5301116712d47890

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 85313
Content-Type: application/javascript

GET
H3 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6E12 752 KB
241 KB 21ms
21ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 253413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 14:13:17 GMT
expires: Sun, 24 Nov 2024 14:13:17 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Nov 2023 12:36:50 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 107ms
107ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:50 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6E8C 40 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 28 Nov 2023 13:24:53 GMT

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 271ms
271ms Image
image/svg+xml 2606:4700:3038::6815:ea93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6seF143lk7w7o3UVnQPTSlG%2Ftd5ru8HoLZ7YVE5lHa0hj6FJuu0rQH7pgZSO%2BzENRTuthsNeeem1ajjG6a4zJ48hj3C10qXxOUdoUAZO0nKDY4dWtBnM6weq802Rk1Pe2rfNg%2FVLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 82d2a8a99a2daf61-NRT
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJCbc,pingTime:-10,time:1844,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701175008792%7C%7C99f527afb30df84d52783fd956c7cdab%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C64ff74422267b566642ea8eb9ee0a82c%7C%7C8466b5d49b0b1d1b2f7b39c7988b8e54%7C%7C36865364e5ce9ac14aba006361163a24%7C%7Cf6a51161699e146d14202eaa7ac8bbce%7C%7Cef13dbfa7930f5054f5b4ea11622f03c%7C%7C1663701684,sca:%7Bspg:c8985277-ad2d-bbc1-e794-f48fee1f98d1%7D%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 198ms
106ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:50 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 303ms
106ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:50 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 320ms
108ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:50 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://www.gaflaquiz.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 322ms
110ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:50 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F95E 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdPTISisCWGOUIgUA4mpesne6k-udVYnV-IPDnipG82GBzjyVj_i4y0_PP7hKD8FZ8jOTyoqCeNeeDchzKTC-WMc5I5_pUhMOGjksd9IMUx4XwfjSrgPVjZWdBv13yrFEvcUkHcSqkQ2WT&sai=AMfl-YSDrKVcWG3_pN6Ge-G_rH3jVjIZKepqBnTy8HeNHfJNjskYaID-dPip8aMSPQm04JEvG3jY7h7HL0YlsCMLWz6GRnfhK3sv9avg4fTbx0ZVuXFQJSLV2h215i0p&sig=Cg0ArKJSzNiB8KeNUYHFEAE&cid=CAQSPADICaaN-qJNU0j3VV3Hk8sEHfZ6EJLEhDtbLPLM4HbwNp4BL4-hGr_V1q6TU2IbT2UaqlPLC0nbiEw26hgB&id=lidar2&mcvt=1001&p=730,1040,780,1340&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4280173973&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701175009185&rpt=537&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJCdL,pingTime:1,time:2535,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:360,h:280,t:14%7D,%7Bpiv:100,vs:i,r:,t:1535%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1534,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1530~0,0~100%5D,as:%5B1530~360.280%5D%7D%7D,%7Bsl:i,t:1534,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~360.280%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:228,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C181.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1h.1627455-73523884,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:220%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJCdL,pingTime:1,time:2535,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:360,h:280,t:14%7D,%7Bpiv:100,vs:i,r:,t:1535%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1534,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1530~0,0~100%5D,as:%5B1530~360.280%5D%7D%7D,%7Bsl:i,t:1534,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~360.280%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:228,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C181.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1h.1627455-73523884,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:220%7D&br=c
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

dt
dt.adsafeprotected.com/ Frame DFF1
Redirect Chain

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...

43 B
215 B

178ms
178ms

Image
image/gif

2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Redirect headers

Location: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date: Tue, 28 Nov 2023 12:36:50 GMT
Connection: keep-alive
Content-Length: 0
Vary: Origin
Content-Type: image/png

GET
H3 200 dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D1353,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame DFF1 42 B
63 B 62ms
62ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D1353,0,0,0,0%26mtos%3D1353,1353,1353,1353,1353%26amtos%3D0,0,0,0,0%26mcvt%3D1353%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1572%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D238%26dur%3D6016%26vmtime%3D1589%26dvs%3D1353%26dfvs%3D1353%26dvpt%3D1572%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1353,1353,1353,1353,1353%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1353;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1701175009378;ecn1=1;etm1=0;eid1=960584;

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DFF1 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB&sigh=Wy5Orf5XS70&label=videoplaytime25&ad_mt=1589&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D1353,0,0,0,0%26mtos%3D1353,1353,1353,1353,1353%26amtos%3D0,0,0,0,0%26mcvt%3D1353%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1572%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D21%26pst%3D238%26dur%3D6016%26vmtime%3D1589%26dvs%3D1353%26dfvs%3D1353%26dvpt%3D1572%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1353,1353,1353,1353,1353%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1353&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1701175009378

Requested by

Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2796 0
24 B 53ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8213720441912&version=m202309260101&ct=77&x=1&cor=5974193147930523000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJCgl,pingTime:-10,time:1232,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701175008792%7C%7C99f527afb30df84d52783fd956c7cdab%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7C64ff74422267b566642ea8eb9ee0a82c%7C%7C8466b5d49b0b1d1b2f7b39c7988b8e54%7C%7C36865364e5ce9ac14aba006361163a24%7C%7Cf6a51161699e146d14202eaa7ac8bbce%7C%7Cef13dbfa7930f5054f5b4ea11622f03c%7C%7C1663701684,sca:%7Bspg:c8985277-ad2d-bbc1-e794-f48fee1f98d1%7D%7D
Requested by: Host: www.gaflaquiz.xyz
URL: https://www.gaflaquiz.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F95E 0
28 B 54ms
53ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5377556344915&version=m202309260101&ct=76&x=1&cor=15125821121527538000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 168491495489646dc30ad2e0d.ts Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 763 KB
764 KB 106ms
106ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: e19ca0a7e27c2900aa7a2ce10c961d98599e542a44a82d8f90e93c5d8ebe4a79

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-781139

Response headers

date: Tue, 28 Nov 2023 12:36:51 GMT
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: "646dc3ee-13ebe904"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 0-781139/334227716
cache-control: max-age=31536000
Content-Length: 781140
expires: Wed, 27 Nov 2024 12:36:51 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.ts
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 106ms
105ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:51 GMT
expires: Wed, 27 Nov 2024 12:36:51 GMT
server: openresty/1.21.4.1

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
68ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3ccac4328249ba0e1a58f052042ea978d98b9335a091a2b1130d6e3fd9221aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12338
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 12:36:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7152 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:29:20 GMT
expires: Wed, 27 Nov 2024 12:29:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7A7F 829 B
1 KB 31ms
31ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

690bae238da1d025e1400efc91217a8d9e33479a7f7c3dccd16d17204eb3c24d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kHTJ8VBWag3zbZ22Nk_vog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gaflaquiz.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kHTJ8VBWag3zbZ22Nk_vog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 12:36:51 GMT
expires: Tue, 28 Nov 2023 12:36:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7152 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A7F 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2450216882897498&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7152 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QzU4GQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJCpk,pingTime:1,time:2720,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:11%7D,%7Bpiv:100,vs:i,r:,t:1719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1715~0,0~100%5D,as:%5B1715~728.90%5D%7D%7D,%7Bsl:i,t:1719,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C191.1627455-73523873%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:11,sis:390%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJCpk,pingTime:1,time:2720,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:11%7D,%7Bpiv:100,vs:i,r:,t:1719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1715~0,0~100%5D,as:%5B1715~728.90%5D%7D%7D,%7Bsl:i,t:1719,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C191.1627455-73523873%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:11,sis:390%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
server: nginx
x-server-name: dt26.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6E12 114 KB
20 KB 448ms
421ms XHR
text/xml 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22373938685%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_gaflaquiz_xyz_v_pre_1&description_url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&tfcd=0&npa=0&correlator=144019876772154&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C419x236%7C333x250%7C1x1&vad_type=linear&plcmt=1&ad_type=audio_video&vid_t=Major%20Sporting%20Events%20of%202023%20%26%202024&vid_d=3014&vid_kw=major%20league%20schedule%2C%20us%20open%20golf%20open%2C%20ufc%20events%2C%20superbowl%20sunday%2C%20final%20four%202023%2C%20march%20madness%202023%2C%20olympic%20games%2C%20nfl%2C%20F1%2C%20football%2C%20nba%2C%20superbowl%2C%20world%20cup%2C%20golf%2C%20live%20soccer%2C%20playoffs&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.2.0&sdki=445&ptt=20&adk=690714579&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=blob%3Ahttps%253a%2F%2Fwww.gaflaquiz.xyz%2F4d1ca2f5-6f30-4381-8ca7-60b50b1f0e0c&sid=EF37A57C-9DEE-4EA0-81A0-216911227B54&a3p=EhwKDWNyd2RjbnRybC5uZXQYqLm6r8ExSABSAghkEhsKDDMzYWNyb3NzLmNvbRioubqvwTFIAFICCGQSGQoKcHViY2lkLm9yZxirurqvwTFIAFICCGoSGAoJeWFob28uY29tGOu6uq_BMUgAUgIIbxIdCg5lc3AuY3JpdGVvLmNvbRioubqvwTFIAFICCGQSFwoIcnRiaG91c2UY5bq6r8ExSABSAghqEj4KBW9wZW54EixleUpwSWpvaVUyUjBZekpJU25SVVVYazFka1paUzBwYU1VMXJaejA5SW4wPRiUv7qvwTFIABIZCgp1aWRhcGkuY29tGKi5uq_BMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y4ru6r8ExSABSAghq&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44803783%2C44804291%2C44806631&dlt=1701175006868&idt=3934&dt=1701175011742&cookie=ID%3D8c50cf0ada69104f%3AT%3D1701175007%3ART%3D1701175007%3AS%3DALNI_MYfvkaD5v0ovZNobeQlOX-uF5DTJg&gpic=UID%3D00000ce156e9d58c%3AT%3D1701175007%3ART%3D1701175007%3AS%3DALNI_Mbr5oVkEQMtJHStzlgXhOm1cZX2QQ&scor=4296451807115033&ged=ve4_td5_tt1_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39c49ab95d287f24c6f616d9ddf4eae99f44ee8aa165bb419bfa56fb2d3185c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:36:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19947
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DFF1 42 B
73 B 57ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWJOUXNWYRlsYS8SmdO_e08DR0YuUGWoQo8fTdlxxi1tgZLC6bP5rtm61rX9Up36SkJcMCTdQTEvijAQ_pdP7mwMk3XzzrfWuWDnHwPT6X8miaYn1G4XhmawQlkrJd5bmpAQK34H1Bj-XJ&sai=AMfl-YRbg9apUZE2Usm0FV3UkBKhVXKUGNsXgLbMtCJ2-sl53eg2GKbk_Tqxx_iQK-0KKsAHUah8dwB3pgX-V3YNMeRdShKvVXaEss_g28W4DhM-tLi_2Yol6EzzE3Gbo0mUiRscTOMv9oHoYkLCTS7V9g&sig=Cg0ArKJSzC3L2txQUFCiEAE&cid=CAQSTwDICaaNDuaLwpJwTXdSky7GB9Rm2iHqyb7sSZT-vWYTMgcpxgHLLlG0KCjQj-S5C6X1mnp1QSeoEYq3SQSIbByE37R844SEOvKr39PCXw0YAQ&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D2174,0,0,0,0%26mtos%3D2174,2174,2174,2174,2174%26amtos%3D0,0,0,0,0%26mcvt%3D2174%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2393%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D23%26pst%3D238%26dur%3D6016%26vmtime%3D2411%26dtos%3D2174%26dtoss%3D1%26dvs%3D821%26dfvs%3D821%26dvpt%3D821%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777217%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2174&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1701175009378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJCu4,pingTime:1,time:2083,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:300,h:50,t:76%7D,%7Bpiv:100,vs:i,r:,t:1077%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1006,o:1077,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1070~0,0~100%5D,as:%5B69~0.0,1001~300.50%5D%7D%7D,%7Bsl:i,t:1077,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tWUkY1M+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191.1627455-73523873%7C1911%7C1912%7C1913%7C1914%7C1a.1474271-76103297%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:130%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJCu4,pingTime:1,time:2083,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:300,h:50,t:76%7D,%7Bpiv:100,vs:i,r:,t:1077%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1006,o:1077,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1070~0,0~100%5D,as:%5B69~0.0,1001~300.50%5D%7D%7D,%7Bsl:i,t:1077,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tWUkY1M+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191.1627455-73523873%7C1911%7C1912%7C1913%7C1914%7C1a.1474271-76103297%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:130%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:51 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 206 168491495489646dc30ad2e0d.ts Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 660 KB
661 KB 106ms
105ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: 19b4de70690cfa260e519f17f00c2f7cf2ef3543e90ec9d6b071f575ae506be6

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=781140-1457375

Response headers

date: Tue, 28 Nov 2023 12:36:52 GMT
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: "646dc3ee-13ebe904"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 781140-1457375/334227716
cache-control: max-age=31536000
Content-Length: 676236
expires: Wed, 27 Nov 2024 12:36:52 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.ts
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 106ms
105ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:51 GMT
expires: Wed, 27 Nov 2024 12:36:51 GMT
server: openresty/1.21.4.1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2450216882897498&bg=!n5ylnNPNAAZxrfrxUa07ADQBe5WfOE_CFrQv3mxFmNzxIO4Quo-DWuikfUxnq-WP58p_Y_Ys1dqoFRz_u-IIyts7XArKAgAAADlSAAAAA2gBB5kCxQ56sbwY6Q_HN3vKWpk21CrnjWT2tFJElvYBHdVsZ0QTCHgBhXLMnKtUY8I1yUgMTpVapeZmtMC-TsWGwZ1BqGIjrF_TFR1te2Jrvp7K5g5DWxHusdnu8deKNImI73Ezd_4O12kutpq0fIr6br17EILe7BDOXFhzvYLQMdjuMyJB52D2BYVa6LXQLT-FglxTciRoJfNU8LQy9OchP0DMewIE4wxNXJswtwh19S559MWaFJ1Nb4NBjXBl7Ii-Bqlu1Ggd3InDmpyIWbBr3K9kSGm7fDfPcD6ezfLfC02NwQ4IVYzBIANj-fkPYkLJjFWR-DC7eSEpwpiqnfY6QoWMQpGjC6YNmL2EmydCpxbndiO_u_EQvJkLc4XLU09D-sp0tCNYbgMobTYT2DjEISd0uoqJbQpGNV7lCxUN_mX2nObmVEZC09Q5OS8CjIfwkiIQOt616-KoLSfAuTcqZjRg2eO_wO3YhRcpbm01X9lg3z9cTKqom13mtwlkDuEdVlsF7NxHO5oPgXVPrtSebytMDfReSnDMPS8FTpnfe5OtcVCGoQWYT-3kUimwKsMe6_OG0ZHOpFP1OuwtWoAQcoGlb4H3ozgE240ngUBNSsSxV8snvggHsBvAn4FOTyEhBPR3PS30os93Yq3Ur8vP7W_py-iFQXAB-WSzkvigYEuddM1NtUVo16zR8-sI6mCCke-w4DQPMmmOGC7Ambb2CgfgawTmj6a8-Gux4kCCrIWke_GU5Nek7zKmoPM09AMOEhlfYRwK96vc7tr45SwGScD0isel3u9UKgqi1V6OXIDwv1m3rL_LkVmlCLHRfojTOVuRySR9vxY-gFm23pfeHsCmYHlCjEtPWRHEExPcRRrdEWT4bjrfYtztnLlIyYtX0YcT4MKxdWJTw-GOWK0NGYkxJLxqgViQBKlwzbdqlzxi-o7pzmb1rBE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 111ms
110ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:52 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

POST
H3 204 csi
csi.gstatic.com/ Frame 6E12 0
17 B 51ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpibof6q&c=8115316249199&slotId=4057658124599.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=0&ytext_hd=1&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6E12 0
17 B 54ms
53ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpiboga7&c=8115316249199&slotId=4057658124599.5&qqid=CJ7cn-La5oIDFaf-uwgd_48FPw&gqid=495lZa_YL5Tl7_UPrZSF2Ag&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=videojs-ima&ppv=2.2.0&mrd=4&aab=1&itv=1&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44803783%2C44804291%2C44806631&met.4=ghmsh_s.lpibogaa~ghmsh_s.lpibogab&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=uxvYVWWwvgPsV-4I
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E12 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44803783%2C44804291%2C44806631&id=ima_html5&c=151170789677928&domain=www.gaflaquiz.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 6E12 453 B
478 B 20ms
20ms Image
image/png 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-7094677798399606

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 11:48:13 GMT
x-content-type-options: nosniff
age: 2919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 12:38:13 GMT

GET
H2 200 APkrFKbkF6e513BhCfYPMkZSeS-SXuoDoFVea31__Zzd=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6E12 1 KB
2 KB 73ms
21ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKbkF6e513BhCfYPMkZSeS-SXuoDoFVea31__Zzd=s48-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

72ce3f8421841eb92a35f3ebcab516c060cb656e570bcb2c9c0eb077c19bf3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:59:58 GMT
x-content-type-options: nosniff
age: 5814
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1477
x-xss-protection: 0
server: fife
etag: "v29"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 29 Nov 2023 10:59:58 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6E12 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcoSN495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBOECT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89ej2VHGLj-9ZmnEAtyflJaQ7YJGDteEWF07BDrf3_-5MdV7q48PlEpMVxb4V8BovABP6bk_W-BOAEAYgF1peJsk2gBlSAB5WqtWSoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6sQlah5a8UUzXmIAKA5gLAcgLAdALD6IMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEOCoqurlv53jKhICAQOaDQEPqg0CREXIDQHiDRMI3NKd4trmggMVp_67CB3_jwU_2BMC0BUBmBYB-BYBgBcB&sigh=-s-CGV9iR2s&label=show_ad&sdkv=h.3.605.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMzM5OTI5NjIyOTIMNjgxMDM1OTUxNzU4QMkDUiMQDyUAAEFDKAE6C1dfSm9lZVlCckJNQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 6E12 0
0 57ms
56ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cvl6K495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBN4CT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89emWU9gHhiT9ODsOIMbvtkX8klRMV4Smh2R1Jg-VNITpuryl53tVcJUWRLSHABP6bk_W-BOAEAYgF1peJsk2SBRAIEhAFGA8wk9iGsJ6PmvlboAZUgAeVqrVkqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRChlPACqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJjwFodHRwczovL3d3dy5wZW5ueS5kZS9ha3Rpb25lbi9sYXNzdHVuc3p1aG9lcmVuP2VjaWQ9ZGltX1lvdVR1YmVfUkQwOS0wMDMtMjAyMy0xMDctUEVOTlktNDQ5MC1FTS1IYWx0dW5nc2thbXBhZ25lLTIwMjNfdmlkZW9fOXgxNl9ubl92c19ubl9kaW0wMYAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwjc0p3i2uaCAxWn_rsIHf-PBT_CEwYY09XKmwPYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTYyNjIyODM3MDEwNzYwNBjEixc&sigh=qm-Uw9oM2kg&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSPADICaaNj1HgMO6aiOJq9XVmTY-BWYVdlSXk5yddcH1WzG7GDI-V7u0qbbbOkwMzS0_wYlZcXMWbeOaCLhgB&vt=10&sdkv=h.3.605.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMzM5OTI5NjIyOTIMNjgxMDM1OTUxNzU4QMkDUiMQDyUAAEFDKAE6C1dfSm9lZVlCckJNQglnb29nbGVhZHNQABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 52ms
52ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lpibod9x&c=8115316249199&slotId=4057658124599.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr4---sn-4g5ednsd.googlevideo.com/ 3 MB
0 112ms
23ms Media
video/mp4 2a00:1450:4001:6e::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednsd.googlevideo.com/videoplayback?expire=1701203812&ei=5N5lZenxBoGy6dsPua6NkAg&ip=2001:1b60:2:240:3247::5&id=5bf26879e601ac13&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&hcs=ir&mh=4m&mm=31&mn=sn-4g5ednsd&ms=au&mv=m&mvi=4&pl=29&rmhost=rr5---sn-4g5ednsd.googlevideo.com&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=193.073&lmt=1700716907259794&mt=1701174558&cpn=uxvYVWWwvgPsV-4I&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRQIgWP8gg2szWMeeA4oOhVoSMOgO847EBREGecQgmuarVsUCIQCzmJIP7UPfp6iVEQR5016GCM2EQnl9WIycgMW8TEqSwA==&lsparams=hcs,mh,mm,mn,ms,mv,mvi,pl,rmhost&lsig=AM8Gb2swRQIgWy_CGwnWz9fRrOk4egKXoJ4_Mu2RYCncJ62jv-KeuZsCIQCl_2H9umROQoNCwvntpNaz42gj5ICHppKAw7plUzUK_g==

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6e::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gaflaquiz.xyz/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 28 Nov 2023 12:36:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 23 Nov 2023 05:21:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-13944118/13944119
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 13944119
Expires: Tue, 28 Nov 2023 12:36:52 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 50ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lpibogbj&c=8115316249199&slotId=4057658124599.5&met.4=hvd_lc.lpibogbj~hvd_ad.lpibogbj~hvd_mad.lpibogbj~hvd_admu.lpibogbj~hvd_src.lpibogbj
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gaflaquiz.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 168491495489646dc30ad2e0d.ts Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 529 KB
530 KB 106ms
106ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: 3e842f75b0b6696aa8536866a04e954e7b1f5a6117900f5831bd56eee9c11124

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=1457376-1999379

Response headers

date: Tue, 28 Nov 2023 12:36:52 GMT
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: "646dc3ee-13ebe904"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 1457376-1999379/334227716
cache-control: max-age=31536000
Content-Length: 542004
expires: Wed, 27 Nov 2024 12:36:52 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.ts
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 106ms
106ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:52 GMT
expires: Wed, 27 Nov 2024 12:36:52 GMT
server: openresty/1.21.4.1

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6E12 42 B
64 B 65ms
64ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CcoSN495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBOECT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89ej2VHGLj-9ZmnEAtyflJaQ7YJGDteEWF07BDrf3_-5MdV7q48PlEpMVxb4V8BovABP6bk_W-BOAEAYgF1peJsk2gBlSAB5WqtWSoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6sQlah5a8UUzXmIAKA5gLAcgLAdALD6IMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEOCoqurlv53jKhICAQOaDQEPqg0CREXIDQHiDRMI3NKd4trmggMVp_67CB3_jwU_2BMC0BUBmBYB-BYBgBcB&sigh=-s-CGV9iR2s&label=video_ad_loaded&sdkv=h.3.605.0&vci=Co8BCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjMzOTkyOTYyMjkyDDY4MTAzNTk1MTc1OEDJA1IjEA8lAABBQygBOgtXX0pvZWVZQnJCTUIJZ29vZ2xlYWRzUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 6E12 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=Cvl6K495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBN4CT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89emWU9gHhiT9ODsOIMbvtkX8klRMV4Smh2R1Jg-VNITpuryl53tVcJUWRLSHABP6bk_W-BOAEAYgF1peJsk2SBRAIEhAFGA8wk9iGsJ6PmvlboAZUgAeVqrVkqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRChlPACqAgB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJjwFodHRwczovL3d3dy5wZW5ueS5kZS9ha3Rpb25lbi9sYXNzdHVuc3p1aG9lcmVuP2VjaWQ9ZGltX1lvdVR1YmVfUkQwOS0wMDMtMjAyMy0xMDctUEVOTlktNDQ5MC1FTS1IYWx0dW5nc2thbXBhZ25lLTIwMjNfdmlkZW9fOXgxNl9ubl92c19ubl9kaW0wMYAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwjc0p3i2uaCAxWn_rsIHf-PBT_CEwYY09XKmwPYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTYyNjIyODM3MDEwNzYwNBjEixc&sigh=qm-Uw9oM2kg&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&ase=2&nis=4&cid=CAQSPADICaaNj1HgMO6aiOJq9XVmTY-BWYVdlSXk5yddcH1WzG7GDI-V7u0qbbbOkwMzS0_wYlZcXMWbeOaCLhgB&sdkv=h.3.605.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E12 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 20:50:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 20:50:19 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E12 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.605.0&e=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44803783%2C44804291%2C44806631&id=ima_html5&c=151170789677928&domain=www.gaflaquiz.xyz

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6E12 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjp5a495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBN4CT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89emWU9gHhiT9ODsOIMbvtkX8klRMV4Smh2R1Jg-VNITpuryl53tVcJUWRLSHABP6bk_W-BOAEAYgF1peJsk2gBlSAB5WqtWSoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ4Kiq6uW_neMqEgIBA6oNAkRF4g0TCNzSneLa5oIDFaf-uwgd_48FP9gTAtAVAZgWAfgWAYAXAQ&sigh=ruI_pw4yvIY&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=vast_creativeview&ad_mt=0&sdkv=h.3.605.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjMzOTkyOTYyMjkyDDY4MTAzNTk1MTc1OEDJA1ImEA8lAABBQygBOgtXX0pvZWVZQnJCTUIJZ29vZ2xlYWRzSMQBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6E12 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjp5a495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBN4CT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89emWU9gHhiT9ODsOIMbvtkX8klRMV4Smh2R1Jg-VNITpuryl53tVcJUWRLSHABP6bk_W-BOAEAYgF1peJsk2gBlSAB5WqtWSoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ4Kiq6uW_neMqEgIBA6oNAkRF4g0TCNzSneLa5oIDFaf-uwgd_48FP9gTAtAVAZgWAfgWAYAXAQ&sigh=ruI_pw4yvIY&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=part2viewed&ad_mt=0&sdkv=h.3.605.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjMzOTkyOTYyMjkyDDY4MTAzNTk1MTc1OEDJA1ImEA8lAABBQygBOgtXX0pvZWVZQnJCTUIJZ29vZ2xlYWRzSMQBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 playback
www.youtube.com/api/stats/ Frame 6E12 0
0 30ms
29ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=30&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=193&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=uxvYVWWwvgPsV-4I&docid=W_JoeeYBrBM&visitordata=CgtzanRWYW5LMnlYWQ%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6E12 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjp5a495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBN4CT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89emWU9gHhiT9ODsOIMbvtkX8klRMV4Smh2R1Jg-VNITpuryl53tVcJUWRLSHABP6bk_W-BOAEAYgF1peJsk2gBlSAB5WqtWSoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ4Kiq6uW_neMqEgIBA6oNAkRF4g0TCNzSneLa5oIDFaf-uwgd_48FP9gTAtAVAZgWAfgWAYAXAQ&sigh=ruI_pw4yvIY&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=admute&ad_mt=0&sdkv=h.3.605.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjMzOTkyOTYyMjkyDDY4MTAzNTk1MTc1OEDJA1ImEA8lAABBQygBOgtXX0pvZWVZQnJCTUIJZ29vZ2xlYWRzSMQBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 116ms
116ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:52 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 115ms
114ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:52 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 113ms
113ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:52 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 115ms
115ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:52 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
344 B 113ms
113ms XHR
text/html 51.79.79.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_dev_2209/vdo.min.js?v=v3.10.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.65 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568718.ip-51-79-79.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Nov 2023 12:36:52 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Keep-Alive: timeout=2

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 4EA7 23 KB
9 KB 22ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 303771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 00:14:01 GMT
expires: Sun, 24 Nov 2024 00:14:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EA7 39 KB
15 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:13:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Nov 2024 10:13:51 GMT

GET
H2

200

dt
dt.adsafeprotected.com/ Frame DFF1
Redirect Chain

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUyIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...

43 B
215 B

177ms
177ms

Image
image/gif

2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol: H2
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Redirect headers

Location: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A3%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date: Tue, 28 Nov 2023 12:36:52 GMT
Connection: keep-alive
Content-Length: 0
Vary: Origin
Content-Type: image/png

GET
H3 200 dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D2962,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame DFF1 42 B
63 B 61ms
61ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D2962,0,0,0,0%26mtos%3D2962,2962,2962,2962,2962%26amtos%3D0,0,0,0,0%26mcvt%3D2962%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3181%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D24%26pst%3D238%26dur%3D6016%26vmtime%3D3201%26dtos%3D788%26dtoss%3D2%26dvs%3D788%26dfvs%3D788%26dvpt%3D788%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1609,1609,1609,1609,1609%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2962;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1701175009378;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DFF1 42 B
64 B 64ms
63ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB&sigh=Wy5Orf5XS70&label=videoplaytime50&ad_mt=3201&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D2962,0,0,0,0%26mtos%3D2962,2962,2962,2962,2962%26amtos%3D0,0,0,0,0%26mcvt%3D2962%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3181%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D24%26pst%3D238%26dur%3D6016%26vmtime%3D3201%26dtos%3D788%26dtoss%3D2%26dvs%3D788%26dfvs%3D788%26dvpt%3D788%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1609,1609,1609,1609,1609%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2962&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1701175009378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EA7 0
28 B 55ms
55ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.605.0&bgai=B8IoN495lZd7eMqf97_UP_5-W-AMAAAAAOAG6BRMI79Wc4trmggMVlPK7CB0tSgGL&bg=!8fKl8r3NAAZxrfrxUa07ADQBe5WfOK1j49LrL9OJRPOyHLqMD3uD1bE0eGWtDArjfwEnV7Lx8oFSEpDrzVLcHi_VgVudAgAAADtSAAAAAWgBBwoBY7hix24i6a1gvyzz8AdBci5Hbg6T8U2nDVjm2MP7cz1MZIxtviFdFD4Su2zpQhIw6oJicNrKrVLrliJMq7bwRjop85G0xl5LIdQj2kNOHg0RO8YtREF9e5eubb-sOPhwu5RkcyXYraGx_o02mSO8gnYJNjp9J2uVjOtfUx9ogvUzE0CR71Q1cZrJJ9TobA0fl2aeI0Z4VB33ujB701JT925ZoBLXmURif7ByBm7JUwkeqqaLsW3StvxN7KuCTW-8ZDbCxfhuelgf7yI_gkzcfHcLrmy92n1SB45xhtxecrVrDG3l4_m6xTnymM8UqDGlPeWYJWWDIqG9fU-5UqJ0EW-CBR9q0kCN8Z77cDLPdox49ZhdagcZNGfMQ3uhNU-pC3dVAt_ht4oYmYCRBtEvJYGLCeDE2CE-DZEUrnNlmKGVmdy1dUIJsR09tsyOdd5dhebT2vIw1VEt8dNWJCJExWQtqZOZAitW1ViorAR38lQ7iuZ4tm6ccU5WEx6uNa_bE5nLHln-ZvtVk8h7i2YElTVpCuy89EEhREnbFzKJatNJoOtDqwueBnDuG6MbKHOikxX4boJmGBUb1LfWKUCxqXseGH10qWWmDcrczEQA0pc6iAmZ1jbge0cnlXxDB3H-Zk5J-bh-caYVZ8hEF-vSi-IwPi1WRq09sdbVaVDTov3RxP0y1_xs4CW7H4lTZXn0Hsoj120Ohlr-Z5mLQDNRzMifHrIeoOI05SADl04gXVsgqfgNIhJjoUTr7ofr--gD3E-5NTBOrz5w-9u0yktnFi5wLnY0BSoxarXZznfvWmUmiMEVkZKmDQnMZsqRhypByebC5Iij35oH6865lvi3xlWaatfBX5q4E7qZWAiXmTO85jzeUXas8Figmtv4y8Z2OviqzeoFsWpDgjSX3FLpiIuuIgIW-8M4jLRZ-PlBg5gxomI09F57_xq8OBg1k_kHVfUlGmXT7E0g3U1AF75MsI4GjK_YfnG0U-3n8DhRkvSE1CO3OZsiTgg_4uI-lvjOHQ3JEA4wwr8f_q9rtDuATwIbIJU2Hy6v8xre-pkJTReReXrQ-azIYeJugraNWhB8PHZQsL-oJzWNteSB0223wv7N4hDaWB_2JaB802rlQKraeK6fFDc-Jj6OlI1bxnXGqQeaVDVhFT1gaTss-mfM1nCdJ8eVb2YeAaRJVGFvYDSkCFw2MBdqCLwJ2r4eUHODs0k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 168491495489646dc30ad2e0d.ts Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 422 KB
423 KB 106ms
106ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: d5e37e2358f8f294116ec3482d779662b1c9ee8d76fd554c4507c61b49025f27

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=1999380-2431779

Response headers

date: Tue, 28 Nov 2023 12:36:52 GMT
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: "646dc3ee-13ebe904"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 1999380-2431779/334227716
cache-control: max-age=31536000
Content-Length: 432400
expires: Wed, 27 Nov 2024 12:36:52 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.ts
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 108ms
108ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:52 GMT
expires: Wed, 27 Nov 2024 12:36:52 GMT
server: openresty/1.21.4.1

GET
H2 206 168491495489646dc30ad2e0d.ts Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 701 KB
702 KB 107ms
106ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: b9d2ed3088e00909d76fefe4d6c2b837c9a8223b4a5d3efc1697ab3ca1431774

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=2431780-3149375

Response headers

date: Tue, 28 Nov 2023 12:36:53 GMT
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: "646dc3ee-13ebe904"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 2431780-3149375/334227716
cache-control: max-age=31536000
Content-Length: 717596
expires: Wed, 27 Nov 2024 12:36:53 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.ts
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 105ms
105ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:53 GMT
expires: Wed, 27 Nov 2024 12:36:53 GMT
server: openresty/1.21.4.1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8J9SC9WB3T&gtm=45je3b81v9116829475&_p=1701175006950&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=344698243.1701175007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1701175008&sct=1&seg=1&dl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&dt=Gafla%20Quiz%20-%20Love%20Calculator%2C%20Friendship%20Dare%2C%20Whatsapp%20Dare%2C%20Secret%20Message&_s=2&tfd=8714
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-8J9SC9WB3T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5JRXKHRCBQ&gtm=45je3b81v892043596&_p=1701175006950&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=344698243.1701175007&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1701175007&sct=1&seg=0&dl=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&dt=Gafla%20Quiz%20-%20Love%20Calculator%2C%20Friendship%20Dare%2C%20Whatsapp%20Dare%2C%20Secret%20Message&_s=2&tfd=8803
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JRXKHRCBQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.ts
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 105ms
105ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:53 GMT
expires: Wed, 27 Nov 2024 12:36:53 GMT
server: openresty/1.21.4.1

GET
H2 206 168491495489646dc30ad2e0d.ts Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 700 KB
701 KB 107ms
106ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: e842512d81d3fe89c8c23d741d859e76e954c9b4eba6646ffe4860ec3133ee69

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=3149376-3866595

Response headers

date: Tue, 28 Nov 2023 12:36:53 GMT
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: "646dc3ee-13ebe904"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 3149376-3866595/334227716
cache-control: max-age=31536000
Content-Length: 717220
expires: Wed, 27 Nov 2024 12:36:53 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
821 B 102ms
102ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701175013656&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1577&pt=-1241807090&tz=60&viewable=true&ddast=V8z8UCLAasBhbpCj6zzhNYDSzSFXxmnS8AAABgYGDnAEl4ZsPFxDJzS1yG3Vo0HA3XyolttFYZZ87dzLVwzozDISAJz2y4mFhmbonLsFuLhqPhWjmxjdYq48y5m7kWzplxOAUOU3aaXJaDWiBrmlx-N9BA0-nwue71ut_vrnPYzA7H62m9C5_XvxwAAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAAMXBYB2ez8vsDwAAAAAgAAAAAEgAHPDvlwBwWVw_8f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwM4fIbaZrhKOMhUrBZhBEAAACAbDltiyOTdIKKRZX___9-KwBXAAACGCvcNYOy6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqGlmJk0Qhl64ml9AAIA1v4AAAGzUDQDAGwE4QYegFYPB6gTE7AAAAADc-f___9cDIpvRajPZWEYOm3Mwc21cE5NlOFxMBiuPZ2XcWLzHtav595TeJriPw5SdJpfloBbImiaX334mbDFaTSab5XC2XEwGw9FwNNqfgVgsB2giBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHIarnYOGybtcyxsLhFy9lyrXBZHGuNZ-TbWGyrycblXIteH9PHNbONVjMvEgwQ2YvkaZFOlJvlzDHyrXbLkcUzc1hmi8XENHOsXLbBymZbOCxiieZkkU5kl31lM1ptJhvLyGFzDmaujWtisgyHi8lg5fGsjBuLv7JaLjYO22YtcywsbtFytlwrXBbHWuMZ-TYW22qycTnXotfH9HHNbKPVzN_YDRaL3Wow2O0bu8FisVsNBrt9h87wXX3ORtU44fUIlenr8a-wOQ0Kl8Hi_UlMi2l3dhCdfEenTqpSFnVGv9_v9_v9fr_f7zdoPQezQeE7fVtG3013XU2n1cfBoIglgot0onl5LC_T2-X5PHwut85hMzscr6f1IpYoTRfpRC8RSwSni3QiehlPF_UfOchiN1csRnPJYjiXTFYJAAAAAAAAAMASTDPdBAAAAMDJoCab1WK1TgczWA1Gu9VyAVSAPugCBgEAAAAAANhVS515oHwqVFSssccu5uWxvExvl-fz8LncOofN7HC8ntYrA6gAZWC22WcEsVarZQ0AAEAAGwAAQAA33XgTQBbF_f___48DAAAgI4ceAADAzj4gKNXwI1eKPX4EOZyN9g9AhVir1ep2Y61WK2DBDEeT4QT-____Aw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3050475&dpubid=523515&abtst=166721b_vA!206725b_vA!adxsub-out_vA!adxsub-out_vB!uftchrwf_vC!ul148355-465_vA!unf_vC&mPre=0.033&cirf=https%3A%2F%2Fwww.gaflaquiz.xyz&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.1/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc6d4293174b6510494ffab7a4ea7f7bd209e33b449a557fa949625a400a8da0

Request headers

Referer: https://www.gaflaquiz.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 28 Nov 2023 12:36:53 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1452
x-cache: MISS
x-served-by: cache-cph2320052-CPH
pragma: no-cache
server: nginx
x-timer: S1701175014.666427,VS0,VE67
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gaflaquiz.xyz
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 206 168491495489646dc30ad2e0d.ts Show response
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ 433 KB
434 KB 106ms
106ms XHR
video/mp2t 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player_2209.8.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash: 610124d58694e15dcfd3704b0ec282e934776e6d0cb4221047af3004fc6ca95e

Request headers

Referer: https://www.gaflaquiz.xyz/
vdoai: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=3866596-4309899

Response headers

date: Tue, 28 Nov 2023 12:36:53 GMT
last-modified: Wed, 24 May 2023 07:59:42 GMT
server: openresty/1.21.4.1
etag: "646dc3ee-13ebe904"
content-type: video/mp2t
access-control-allow-origin: *
Content-Range: bytes 3866596-4309899/334227716
cache-control: max-age=31536000
Content-Length: 443304
expires: Wed, 27 Nov 2024 12:36:53 GMT

OPTIONS
H2 204 168491495489646dc30ad2e0d.ts
h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/ Frame 0
0 105ms
105ms Preflight
text/plain 51.79.72.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.vdo.ai/media_file/v-gaflaquiz-xyz/source/uploads/videos/168491495489646dc30ad2e0d.ts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.79.72.196 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns567732.ip-51-79-72.net
Software: openresty/1.21.4.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vdoai
Access-Control-Request-Method: GET
Origin: https://www.gaflaquiz.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=31536000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Nov 2023 12:36:53 GMT
expires: Wed, 27 Nov 2024 12:36:53 GMT
server: openresty/1.21.4.1

GET
H2

200

dt
dt.adsafeprotected.com/ Frame DFF1
Redirect Chain

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUzIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...

43 B
215 B

177ms
176ms

Image
image/gif

2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol: H2
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:54 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Redirect headers

Location: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A4%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date: Tue, 28 Nov 2023 12:36:53 GMT
Connection: keep-alive
Content-Length: 0
Vary: Origin
Content-Type: image/png

GET
H3 200 dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D4270,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame DFF1 42 B
63 B 61ms
60ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D4270,0,0,0,0%26mtos%3D4270,4270,4270,4270,4270%26amtos%3D0,0,0,0,0%26mcvt%3D4270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4489%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D26%26pst%3D238%26dur%3D6016%26vmtime%3D4511%26dtos%3D1308%26dtoss%3D3%26dvs%3D1308%26dfvs%3D1308%26dvpt%3D1308%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1308,1308,1308,1308,1308%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D31%26psv%3D30%26psfv%3D30%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4270;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1701175009378;ecn1=1;etm1=0;eid1=960585;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DFF1 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB&sigh=Wy5Orf5XS70&label=videoplaytime75&ad_mt=4511&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D3%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26tos%3D4270,0,0,0,0%26mtos%3D4270,4270,4270,4270,4270%26amtos%3D0,0,0,0,0%26mcvt%3D4270%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4489%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D26%26pst%3D238%26dur%3D6016%26vmtime%3D4511%26dtos%3D1308%26dtoss%3D3%26dvs%3D1308%26dfvs%3D1308%26dvpt%3D1308%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1308,1308,1308,1308,1308%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D31%26psv%3D30%26psfv%3D30%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4270&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1701175009378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJDaD,pingTime:5,time:5689,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:688%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:688,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B684~0%5D,as:%5B684~0.0%5D%7D%7D,%7Bsl:i,t:688,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:421%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:54 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B222 43 B
215 B 179ms
178ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=b059bab8-94db-e99e-3f97-3aa1f35d68e0&tv=%7Bc:vgJDaD,pingTime:5,time:5689,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:15%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:688%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:688,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B684~0%5D,as:%5B684~0.0%5D%7D%7D,%7Bsl:i,t:688,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181*.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:181*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:15,sis:421%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:54 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJDba,pingTime:5,time:5626,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B621~0%5D,as:%5B621~0.0%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:373%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:54 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC18 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=1fb5320b-a63e-68e8-6d29-0dbe147062a4&tv=%7Bc:vgJDbb,pingTime:5,time:5627,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D,%7Bpiv:100,vs:i,r:,w:160,h:600,t:625%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:625,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B621~0%5D,as:%5B621~0.0%5D%7D%7D,%7Bsl:i,t:625,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191*.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1a2%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:373%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:54 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJDgh,pingTime:5,time:6535,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:360,h:280,t:14%7D,%7Bpiv:100,vs:i,r:,t:1535%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1534,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1530~0,0~100%5D,as:%5B1530~360.280%5D%7D%7D,%7Bsl:i,t:1534,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~360.280%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C181.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1h.1627455-73523884,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:220%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:54 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FE2C 43 B
215 B 180ms
180ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=c8985277-ad2d-bbc1-e794-f48fee1f98d1&tv=%7Bc:vgJDgi,pingTime:5,time:6536,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:360,h:280,t:14%7D,%7Bpiv:100,vs:i,r:,t:1535%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:1534,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1530~0,0~100%5D,as:%5B1530~360.280%5D%7D%7D,%7Bsl:i,t:1534,wc:0.0.1600.1200,ac:NaN.NaN.360.280,am:i,cc:NaN.NaN.360.280,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~360.280%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tWUkY1M+11%7C121%7C13%7C14*.1474271-76103297%7C141%7C15%7C16%7C17%7C181.1627455-73523873%7C1811%7C191.1627455-73523873%7C1911%7C1a.1474271-76103297%7C1a1%7C1h.1627455-73523884,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:15,sis:220%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:54 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 53ms
52ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=9~lpiboe3t&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&met.4=2sbc.4t6~5s.5fb&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1135760%252F76105514%253Fmon%253D76105515%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xsid%253D%255BTIMESTAMP%255D%2526ias_dspID%253D3%2526ias_campId%253D1008772806%2526ias_pubId%253Dpub-2462751652998210%2526ias_chanId%253D1%2526ias_placementId%253D20509697656%2526bidurl%253Dhttps%253A%252F%252Fwww.gaflaquiz.xyz%252F%2526ias_dealId%253D%2526xsId%253DABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%2526ias_xappb%253D%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN7442.1972103DOUBLECLICKBIDMANAG%252FB30857687.379597277%25253Bsz%25253D0x0%25253BAUCTIONID%25253DABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%25253BEXCHANGEID%25253D1%25253BSELLERID%25253D916475631320%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fwww.gaflaquiz.xyz%252F%25253Bnel%25253D0%25253Fves%25253DdGltZXN0YW1wOiAxNzAxMTc1MDA4MjQ5CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdWd6aHdrVFRMb2hJQV8yUUNQUWNPLTk0SVdGazZXc0lmYlJjSUVEZ0Q4UlhPOXhPOTJtWWVnQjVGSUNpTUNnZmxEaXQ1WmRBd2VQVVh4ZXppaU5oY0lqemgzNXFYTEppdTQ2Qm9jcy1lNVJ5SkY5cVNVZU4wNGw4dUZ0OTJzdEgtR2tSbFhta3lqU0dRSjktQy1MdTFDLWs0NHJIaVZMaDBXWnVRR0IySmdycmUzMWgwRGxwZ2dwcW8xNFlGVlRxWGJEdExJMzhkTVphNl80T3ExMDlmdF9VWlFvMW40eVgzNFpQRl8wa3FXUTEzQ2RGTHVKaG15RlhaNnlJa1Z6ZGVDZ1JybzRjZWV5bHRhVWFkd2NJWDhESUxjbS1BY0VZWWxpTzZFLXFqd0E4TnVYdW1XTWVscXhuUkhvWUY3d20yTG4wUUcwOFNjQmVHbERCR1NDM3oxTmVGZWdDQ0xNMXBPM2NKeGRfTEk1QjhlbkNSeEFvYkdxU3l0dDJLR1VBVDlpVjJxOWVBVUtxdlo0dWN4Vkl3emlPNUZVWUxyWWFDbi1DQW1VbUd0LW1WWENTZkhTRkxEajUwclpCa3gwOHdNLVRQdktZTG9KX1hwbzNYU040dHNad0EyRFJNcEx4R1pqUzZBeUtiUlVYU2xVRUg4Y2Z4Vmx1dmVYcU92U2YxbE5tR1dIVDhDb3B3YVZqVkR5ajRaZ1pzdFE2WTFFWG9CcEZaZ0gzVVZWbGRLWVNwSUdtbHlLdEl5aHBjUDJaSDdxREFEYUtHbm9rMTlzejlGaVFHeHRRYjNWOE5yYTVuNmJTQml1M1Y5R3otcWhmZXJmWUZWVHM3WVFGRjROdXJDTUg3WWF0OWJCTGdFSDdXMUNkMk5NMGhVcnhWS1A5MDBOYTlvdHdtczVTMUZfbjQzcTJpejh0VTVsNFJ5cThURFd3V1c5bTI3QUpRTXN3VXVTVXhtTzZiay1rM1NkSW9XZ0paUEZlTnpVM2pfS3pnWklhZVpGbFlhY0N3VmlsTV9rNWFuUHRvOW9JRkJXVlNxVjVYamhXZVlGbVAtZmNhR0J2cENKSjRfV05ETzBWWFcwdTZBaW1hV2VJWmxmUDhyS2hQRHJSVld2RF9rTjg1TVpWT2FaZVhPZGNfbzFfby1CR3JweEYtTENBY1dqbjJTMXNGT0JvQTEwc2RFVjBrQ3gya3VCZEZWMTBuUjY0bTRDNXo4TUE2a2lUX1QzdFdLQ1pfNDVPVXNaMmtMN2IycXdfR3ptRi1DZnVoaER1TXFXaGtTdEc0SFhrM1R6bVZBY3dibTdCXzRRQzhTcnZzOEkycE1WQ3R5OS1NUHJCR1EzZFRxM19hSlRvc3V0ZmxqUWNybGZxTUl0VzlMd19Vai1lcHBwekVleWJMWlNUVWxwRTN0alZJY1hyVkRwTGUwLUNyZktyQnI2MXZyMXBTajlWN0p6aHhZbW9FSUFJYVFSUG14eVRGMW5BWHpzWEg2MElldjNobzM0TjlvTXFZZ3ppa0tNUlZ4TFJ0aFZpQXI3bWRnQ1hLcHMzM21LWEtpWnlfc2Q5ajdGLTRRQ2lGaTFWYlNkbkNmSlFjdThYYUxBWkZHa2NmdjRFMDFZMWlORUFrd1Q2My1GbUJXZGpGY1A4SjY4UHJTcmJHZUR1aGFZZGFUSTd0MkV5UDN0REJZR1ZTclFoU0dZNUxHc2lwLThqQjNYcGlkVzZUWkJaQjE4Tm56MEhHcUpvN3piV0JYQXFDTjZSbnZkVnQ5Nmp2Y0xxSnQzek1nZW5fUThRamdPb05OX0FQa2lRS3dLVEkmc2FpPUFNZmwtWVNFS0VsUFBGLVhobzRMVXpOTGU5eGNPc09kUDNLX1NkeTZsbWF6Nnk4T0hpb3hITTdtaGZBc2UwQVFkajRmc2lIYWxBWTlRY3RZVHFzdzdDX0s5Q25FTi1la3c4YUx5MTk1Q0xSWC1JU1dDQ210a0Etemo5V2xhbzFhRnlXb1lJbHhFN3FqTGxkZEVHWkJ5S2hSWVJMT2xVeHBZM0ltSEloOE5lLUpFbmxseUptM1B4V2RtbVFhbjJoNzVYbTVzR09FRXc1U29rRGhtejhVTEJ5SDZJY1RNMlgxUVhRb252SXVDTjl1RlYxQVYtMWVZZ0UwNFRYSDA2VXVhWmhQVWxZVURHNFBMWGswZHVrWUpfb0xTZHN5NHZHT2VjTGhEUHNUSWcyV3ZSb0N0VkJmZTl2T1FhMnd4VGF3OFJuT2VjRjg5b3hOWHVwZlN5cTImc2lnPUNnMEFyS0pTekdDOUxKRlVrYkJhRUFFJmNyeT0xJmZic19hZWlkPSU1Qmd3X2Zic2FlaWQlNUQmdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuY2lzY28uY29tL2MvZGVfZGUvcHJvZHVjdHMvc2VjdXJpdHkvZmlyZXdhbGxzL2dldC1zdGFydGVkLmh0bWwlM0ZDQ0lEJTNEY2MwMDMwNTMlMjZPSUQlM0R0cmxzYzAyNzA1NCUyNkRUSUQlM0RwZGlwcmcwMDAwMDElMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%252526dc_cid%25253D203224912%252526dc_adid%25253D570667618&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 51ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=a~lpiboir2&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fpixel.png%253FeyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMTM1NzYwIiwiY3VzdG9tOCI6Ijc2MTA1NTE0IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6ImZhbHNlIiwicmVnaW9uIjoiaWUiLCJ4c2lkIjoiYTdjMzY0ODItYTM5ZC00YTc4LTgxNWItNGZlZGUyNzQyZWQ5In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMCI6IjIwNTA5Njk3NjU2IiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNiIjoiMTcwMTE3NTAwODUzNTA3NTI1MCIsImFkRHVyYXRpb24iOjE3MDUwMzI3MDQsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9%2526advEntityId%253D1135760%2526pubEntityId%253D76105514&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 51ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=b~lpiboir2&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fs0.2mdn.net%252Fdot.gif&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 51ms
51ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=c~lpiboir2&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fpixel.png%253FeyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxMTM1NzYwIiwiY3VzdG9tOCI6Ijc2MTA1NTE0IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6ImZhbHNlIiwicmVnaW9uIjoiaWUiLCJ4c2lkIjoiYTdjMzY0ODItYTM5ZC00YTc4LTgxNWItNGZlZGUyNzQyZWQ5In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMCI6IjIwNTA5Njk3NjU2IiwiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY3JlYXRpdmVJZCI6IjIwMzIyNDkxMiIsImNiIjoiMTcwMTE3NTAwODUzNjk3NDY2OSIsImFkRHVyYXRpb24iOi0xLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ%253D%253D%2526advEntityId%253D1135760%2526pubEntityId%253D76105514%2526iris_id%253D%255BIRIS_ID%255D%2526ss_iris_id%253D%257B%257BIRIS_ID%257D%257D%2526fw_iris_id%253D%2523%257Brequest.keyValue(%252522_fw_content_id%252522)%257D&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 51ms
51ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=d~lpiboir2&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fpixel.adsafeprotected.com%252Frfw%252Fst%252F1135760%252F76105515%252Fskeleton.gif%253Fxmtp%253Dv%2526xmapp%253D0%2526xsId%253Da7c36482-a39d-4a78-815b-4fede2742ed9%2526bidurl%253Dhttps%253A%252F%252Fwww.gaflaquiz.xyz%252F%2526ias_campId%253D1008772806%2526ias_pubId%253Dpub-2462751652998210%2526ias_placementId%253D20509697656%2526ias_chanId%253D1%2526ias_dealId%253D%2526ias_impId%253Dv4~~ABAjH0jWo6TJ9ML8Xjw4XnJ6vbwc%2526ias_dspId%253D3%2526ias_creativeId%253D203224912%2526ias_%253D%2526ias_xappb%253D%2526mon%253D76105515&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 52ms
52ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=e~lpiboir2&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fpixel.png%253FeyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTEzNTc2MCIsImN1c3RvbTgiOiI3NjEwNTUxNCIsImRhdjNfZGV2aWNlIjoiREVWSUNFVFlQRV9VTktOT1dOIiwiZGF2M19vdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIiwiZGF2M191YSI6IiIsIm1vbml0b3JpbmciOiJmYWxzZSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImE3YzM2NDgyLWEzOWQtNGE3OC04MTViLTRmZWRlMjc0MmVkOSJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTAiOiIyMDUwOTY5NzY1NiIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE3MDExNzUwMDg1MzQ1NjI5MjAiLCJhZER1cmF0aW9uIjoxNzA1MDMyNzA0LCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ%253D%253D%2526advEntityId%253D1135760%2526pubEntityId%253D76105514&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DFF1 0
17 B 50ms
50ms Ping
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=f~lpiboir3&c=7106090933299&slotId=3553045466649.5&qqid=CPb-l-Da5oIDFfLIuAgdFVwBDg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1810&mt=video%2Fmp4&vs=1280x720&dm=6000&event_name=first_pause&asset_bytes=1715650&video_bytes=1514096&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=28&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=8&video_played_seconds=6.02&video_muted=true&video_seconds_loaded=6.02&vqdf=1&vqtf=180&vqfr=30&endedMediaDiff=-16
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dt
dt.adsafeprotected.com/ Frame DFF1
Redirect Chain

https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiQ09NUExFVEUiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjV...
https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...

43 B
215 B

177ms
177ms

Image
image/gif

2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoComplete%2Csl%3An%2Cad_duration%3A1705032704.1151%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol: H2
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Redirect headers

Location: https://dt.adsafeprotected.com/dt?anId=10173&asId=a7c36482-a39d-4a78-815b-4fede2742ed9&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A5%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoMidpoint%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoThirdQuartile%2Csl%3An%2Cad_duration%3A1705032704%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoComplete%2Csl%3An%2Cad_duration%3A1705032704.1151%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date: Tue, 28 Nov 2023 12:36:55 GMT
Connection: keep-alive
Content-Length: 0
Vary: Origin
Content-Type: image/png

GET
H3 200 dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26p0%3D0,0,0,0%26p1...
ade.googlesyndication.com/ddm/activity/ Frame DFF1 42 B
63 B 59ms
59ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5fvD4NrmggMVd0odCR14HARvEAAYACDQ7vNgQhMI9v6X4NrmggMV8si4CB0VXAEO;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26p0%3D0,0,0,0%26p1%3D7,139,273,612%26p2%3D7,139,273,612%26p3%3D7,139,273,612%26tos%3D5772,0,0,0,0%26mtos%3D5772,5772,5772,5772,5772%26amtos%3D0,0,0,0,0%26mtos1%3D1353,0,0%26mtos2%3D1609,0,0%26mtos3%3D1308,0,0%26mcvt%3D5772%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5991%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D36%26pst%3D238%26dur%3D6016%26vmtime%3D6016%26dtos%3D1502%26dtoss%3D4%26dvs%3D1502%26dfvs%3D1502%26dvpt%3D1502%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D127%26psv%3D126%26psfv%3D126%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5772%26ss0%3D0%26ss1%3D0,0.06,0.06%26ss2%3D0.06%26ss3%3D0.06;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1701175009378;ecn1=1;etm1=0;eid1=13;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DFF1 42 B
64 B 62ms
61ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CMxQK395lZbaTH_KR4_UPlbiFcPrs7PNztt-ivPERt7rthZc5EAEgzf-HfGCV-vCBjAegAd78oIMDyAEFqQIDt1lr-l-yPqgDAcgDmwSqBPQBT9AWPU24Cw3YNIK2jGDeJt5gaLCnBSmExRgPhyFUK2SvbiWxi6NIj1sjSk4sj85xR4omwsKWC1NnOVkKS-HOvOevah257RBJ5CsTqY-SYi_6iPcM1bcbrUCuT_iqIeE1C51NstI0VvsHHZe9hasfvThSDUbtZ5ke2lrkCMFYrztKH7uIRXYQno51t5NavuyhI9e_hR1usf1S-CiD4E6OZYPsk1yKbVe79HBHwZU7GlFBgzjI8zPLAovT3XAu7KBI9uX67xvwTkSe4ePRMkISVrU9gChMJdn0NvpDA2F6KwZlJ7kIKTR0pmEQf5eKnQbSgsmQ6MAE7fHf67ME4AQDiAX4zOSzTJAGAaAGToAHioPffKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAkRFsBO_3NIV0BMA2BMNiBQP2BQB0BUB-BYBgBcB&sigh=Wy5Orf5XS70&label=videoplaytime100&ad_mt=6016&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D4%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,139,273,612%26p0%3D0,0,0,0%26p1%3D7,139,273,612%26p2%3D7,139,273,612%26p3%3D7,139,273,612%26tos%3D5772,0,0,0,0%26mtos%3D5772,5772,5772,5772,5772%26amtos%3D0,0,0,0,0%26mtos1%3D1353,0,0%26mtos2%3D1609,0,0%26mtos3%3D1308,0,0%26mcvt%3D5772%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5991%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D36%26pst%3D238%26dur%3D6016%26vmtime%3D6016%26dtos%3D1502%26dtoss%3D4%26dvs%3D1502%26dfvs%3D1502%26dvpt%3D1502%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26i3%3D33554707%26ic%3D0%26cs%3D50332435%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D229452579%26psm%3D127%26psv%3D126%26psfv%3D126%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5772%26ss0%3D0%26ss1%3D0,0.06,0.06%26ss2%3D0.06%26ss3%3D0.06&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1701175009378

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2462751652998210&output=html&h=280&slotname=9578285275&adk=3645834497&adf=3077256435&pi=t.ma~as.9578285275&w=750&fwrn=4&fwrnh=100&lmt=1701175007&rafmt=1&format=750x280&url=https%3A%2F%2Fwww.gaflaquiz.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701175007199&bpp=1&bdt=332&idt=195&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=8115316249199&frm=20&pv=1&ga_vid=344698243.1701175007&ga_sid=1701175007&ga_hid=2132356980&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C42532524%2C44809315%2C31078301%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=2450216882897498&tmod=708313881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJDrQ,pingTime:5,time:6720,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:11%7D,%7Bpiv:100,vs:i,r:,t:1719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1715~0,0~100%5D,as:%5B1715~728.90%5D%7D%7D,%7Bsl:i,t:1719,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C191.1627455-73523873%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:11,sis:390%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DBBD 43 B
215 B 178ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=62812222-5cbf-a13c-ad81-c9484364997d&tv=%7Bc:vgJDrQ,pingTime:5,time:6720,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:11%7D,%7Bpiv:100,vs:i,r:,t:1719%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1719,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1715~0,0~100%5D,as:%5B1715~728.90%5D%7D%7D,%7Bsl:i,t:1719,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:tWUkY1M+11%7C121%7C1221%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C1431%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C191.1627455-73523873%7C1911%7C1a*.1474271-76103297%7C1a1%7C1b%7C1c1%7C1d%7C1e%7C1h.1627455-73523884,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:11,sis:390%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJDwu,pingTime:5,time:6077,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:300,h:50,t:76%7D,%7Bpiv:100,vs:i,r:,t:1077%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5000,o:1077,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1070~0,0~100%5D,as:%5B69~0.0,1001~300.50%5D%7D%7D,%7Bsl:i,t:1077,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tWUkY1M+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191.1627455-73523873%7C1911%7C1912%7C1913%7C1914%7C1a.1474271-76103297%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:130%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F95E 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7780:af6f:8685:5ae:f455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=4170a794-5d97-738a-46ff-5050ad2ee7e9&tv=%7Bc:vgJDwv,pingTime:5,time:6078,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:20%7D,%7Br:r,w:300,h:50,t:76%7D,%7Bpiv:100,vs:i,r:,t:1077%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1077,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1070~0,0~100%5D,as:%5B69~0.0,1001~300.50%5D%7D%7D,%7Bsl:i,t:1077,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tWUkY1M+11%7C121%7C122%7C123%7C124%7C125%7C126%7C131%7C132%7C14.1474271-76103297%7C141%7C142%7C143%7C144%7C15%7C16%7C1711%7C181.1627455-73523873%7C1811%7C1812%7C1813%7C1814%7C191.1627455-73523873%7C1911%7C1912%7C1913%7C1914%7C1a.1474271-76103297%7C1a1%7C1a2%7C1a3%7C1a4%7C1b%7C1c1%7C1d%7C1e%7C1f1%7C1g%7C1h*.1627455-73523884%7C1h1%7C1h2,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:130%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:af6f:8685:5ae:f455 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:55 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6E12 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cjp5a495lZd7eMqf97_UP_5-W-AOa9umfdOW5-auSEvrEyryMDhABIKzWiUZglfrwgYwHoAHT1cqbA8gBBakC1MKjsvJesj7gAgCoAwGYBACqBN4CT9C_QF3HO282KkjHlKEuFLdbW_6YcS_ooN6dA4HlzHAKCIqwJ7QlebHM73DMn4lC3U93yUmkzcU_g3DHWYqqz9_cxMomqPvdosQfFPHIJpOfH0r5u3wRxCWq0uRq5QgcZpKLJxK4FsboM4ltB51Dr4M2-ti1_JZDdeVdaUzL4INbchcxHzJYArE_mcASUNG4yMl5BoX2oSORQgzSgK2GTz5sOlYyCZoEM_veIb51NtbBsKv2_au6T3Kop7wvktO9XjXJ0lzcaEh0s-fSsVly_JYCqsxvGKv575SeWo8nk303CwJ4pCEGpK9gr6hCDw8oIe9klN88F2g8bES2L8mRe8WO50YhFems24iRTqs6m2Xwa2eaKOTdOj5qxYsDwZwtZKnIV1w3hhPlLLak1fC6Kd89emWU9gHhiT9ODsOIMbvtkX8klRMV4Smh2R1Jg-VNITpuryl53tVcJUWRLSHABP6bk_W-BOAEAYgF1peJsk2gBlSAB5WqtWSoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ4Kiq6uW_neMqEgIBA6oNAkRF4g0TCNzSneLa5oIDFaf-uwgd_48FP9gTAtAVAZgWAfgWAYAXAQ&sigh=ruI_pw4yvIY&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=video_skip_shown&ad_mt=5260&sdkv=h.3.605.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjMzOTkyOTYyMjkyDDY4MTAzNTk1MTc1OEDJA1ImEA8lAABBQygBOgtXX0pvZWVZQnJCTUIJZ29vZ2xlYWRzSMQBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 12:36:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sdk.truepush.com
URL: https://sdk.truepush.com/api/v1/updateOriginalUrl

Verdicts & Comments Add Verdict or Comment

330 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gaflaquiz.xyz/	1970-01-20 16:34:21	Name: _gid Value: GA1.2.1821773748.1701175007
.gaflaquiz.xyz/	1970-01-20 16:32:55	Name: _gat_gtag_UA_161442750_1 Value: 1
.doubleclick.net/	1970-01-21 01:54:31	Name: IDE Value: AHWqTUl3Do1G-Fx9WwqFiooHjR-rt27qnWLtafIpvNO5a5H6UgJovFk6NyVkOjyQ
.gaflaquiz.xyz/	1970-01-21 02:08:55	Name: _ga Value: GA1.1.344698243.1701175007
.casalemedia.com/	1970-01-20 18:42:31	Name: CMPS Value: 3373
.casalemedia.com/	1970-01-20 18:42:31	Name: CMPRO Value: 3373
.casalemedia.com/	1970-01-21 01:18:31	Name: CMID Value: ZWXe4Mm3EOp3ikkf3ajvaAAA
.adnxs.com/	1970-01-20 18:42:31	Name: uuid2 Value: 5708935329828139927
www.gaflaquiz.xyz/	1970-01-21 01:18:31	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D2591ca63-f1ab-4969-aeb1-c3d7cb652ce9-tuctc5f645f
.adnxs.com/	1970-01-20 18:42:31	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?]uY^0(!]tbPl1M>e)ZlrFUfJ+tGXxpWGRz<NQl=ZlOVt:YSbVhhE7?_BZsivzit[pM3If)y3KL9D3I?+]BWej2
.gaflaquiz.xyz/	1970-01-21 01:54:31	Name: __gads Value: ID=8c50cf0ada69104f:T=1701175007:RT=1701175007:S=ALNI_MYfvkaD5v0ovZNobeQlOX-uF5DTJg
.gaflaquiz.xyz/	1970-01-21 01:54:31	Name: __gpi Value: UID=00000ce156e9d58c:T=1701175007:RT=1701175007:S=ALNI_Mbr5oVkEQMtJHStzlgXhOm1cZX2QQ
.doubleclick.net/	1970-01-20 20:52:07	Name: APC Value: AfxxVi4nL9rApOwxHkWAtas0Jrjvj7gFhNvnBKYQ2VYDWYeEMsNAXQ
.doubleclick.net/	1970-01-20 17:16:07	Name: ar_debug Value: 1
.gaflaquiz.xyz/	1970-01-20 16:32:55	Name: lotame_domain_check Value: gaflaquiz.xyz
.redintelligence.net/	1970-01-20 18:42:31	Name: 8lcfmzhxc8d6_uid Value: 59f64c6189158113
.gaflaquiz.xyz/	1970-01-21 01:18:31	Name: connectId Value: {"ttl":86400000,"lastUsed":1701175008736,"lastSynced":1701175008736}
.openx.net/	1970-01-21 01:18:31	Name: i Value: 49db5cd8-726d-4d0c-b9bc-560a259d4c92\|1701175008
.criteo.com/	1970-01-21 01:54:31	Name: uid Value: 1cf6f8d9-73d1-49b4-ab3e-9c839d7625ca
.criteo.com/	1970-01-21 01:54:31	Name: receive-cookie-deprecation Value: 1
.awin1.com/	1970-01-20 16:42:59	Name: awpv11601 Value: 113440\|1701175009\|ccb9dae0-8dea-11ee-98d5-22653d8c0e4c
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.gaflaquiz.xyz/	1970-01-21 01:54:31	Name: cto_bundle Value: hZR_L195N2FHY1QlMkJCZW9zTlMxaiUyRnZhaldqM0tvUWFkZmpldkcwdGNYeVNhcjlsJTJCMXl3U3VrZ1psNlp3N0hpZ1I2NGZEZVVsRlI2OHNMMDZucXJaZ0tzMlpzb2YlMkIzamJpdmp0VWdZblRVTTR1Q1lrZEJyUGY4UWVRV3VzNnV4VWUycXg0RTlwcjFCc0tRSFBrVjF4NkZ2JTJGTHJnJTNEJTNE
pb.media01.eu/	1970-01-21 02:08:55	Name: DTU Value: 4E7A2C374AB50C93377A3A96D3E190FC
.office-partner.de/	1970-01-21 02:08:55	Name: source Value: {"webgains_webgains":{"timestamp":1701175009470,"clickCookie":false}}
.gaflaquiz.xyz/	1970-01-21 02:08:55	Name: _ga_5JRXKHRCBQ Value: GS1.1.1701175007.1.0.1701175009.0.0.0
.simpli.fi/	1970-01-21 01:19:57	Name: suid Value: 9B951BEDDAE3400D9A575B01B93BC75B
.lijit.com/	1970-01-21 01:18:31	Name: ljt_reader Value: Hu1UpGZHoURS1rMuTYa-cNOn
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.gonet-ads.com/	1970-01-21 01:19:57	Name: pid Value: NDk5OGU1NDlhYjc1Yjc2Zg
sync.srv.stackadapt.com/	1970-01-21 01:18:31	Name: sa-user-id Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
.srv.stackadapt.com/	1970-01-21 01:18:31	Name: sa-user-id Value: s%3A0-8cf540b6-ec41-5ea7-60bf-b47e216d658a.N9kKVSvaQWLrLvdCk5Pg5d7xKF97d2UZ6ZyX8ZgmO60
sync.srv.stackadapt.com/	1970-01-21 01:18:31	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
.srv.stackadapt.com/	1970-01-21 01:18:31	Name: sa-user-id-v2 Value: s%3AjPVAtuxBXqdgv7R-IW1litly2hY.XbDmjDLAcYMGY9mYDME0uIu3%2BjWvDZvNRXCZ5ROl3S8
sync.srv.stackadapt.com/	1970-01-21 01:18:31	Name: sa-user-id-v3 Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCDivZerBjABOgRyABfNQgSKhM3s.KSaWoWpl4jXqCiBxJm4el2mds5gv%2FmF2pxGvsgByvVg
.srv.stackadapt.com/	1970-01-21 01:18:31	Name: sa-user-id-v3 Value: s%3AAQAKIFucj13AgAf0uFIkoyap2h1nTfEJV6lZguIF-XNcZQ-oEHwYBCDivZerBjABOgRyABfNQgSKhM3s.KSaWoWpl4jXqCiBxJm4el2mds5gv%2FmF2pxGvsgByvVg
.zemanta.com/	1970-01-21 01:18:31	Name: zuid Value: fECvk5VaE1nOuryy218G
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: FstpHOri66A
.youtube.com/	1970-01-20 20:52:07	Name: VISITOR_INFO1_LIVE Value: 7pIhLiIXmSY
.gaflaquiz.xyz/	1970-01-21 02:08:55	Name: _ga_8J9SC9WB3T Value: GS1.1.1701175008.1.1.1701175014.54.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8696aeb5dd85ecbb82d60cecf7e57a39.safeframe.googlesyndication.com
a.vdo.ai
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adv.office-partner.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
analytics.vdo.ai
analytics.webgains.io
ap.lijit.com
api.webgains.io
b1sync.zemanta.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
connectid.analytics.yahoo.com
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gaflaquiz.xyz
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h5.vdo.ai
hal9000.redintelligence.net
hal90008.redintelligence.net
ib.adnxs.com
id5-sync.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
invstatic101.creativecdn.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pb.media01.eu
pips.taboola.com
pixel.adsafeprotected.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
pv.medialead.de
r5---sn-4g5e6nsy.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
rr4---sn-4g5ednsd.googlevideo.com
s0.2mdn.net
sdk.truepush.com
sdki.truepush.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.gonet-ads.com
sync.srv.stackadapt.com
sync.teads.tv
tags.crwdcntrl.net
targeting.vdo.ai
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
um.simpli.fi
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
videos.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.awin1.com
www.gaflaquiz.xyz
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
sdk.truepush.com
103.231.212.226
13.42.155.83
138.201.63.150
141.226.224.32
141.226.228.48
142.250.184.194
142.250.185.98
142.250.74.198
145.239.193.130
15.197.193.217
151.101.193.44
162.19.138.83
172.217.16.198
172.64.151.101
172.64.152.89
18.134.20.61
18.66.147.98
184.30.22.30
185.89.210.244
188.42.105.220
2.16.97.41
2001:4860:4802:32::36
216.52.2.91
23.56.205.163
2600:1f13:800:7780:af6f:8685:5ae:f455
2600:9000:223c:ac00:10:dd8:5e40:93a1
2600:9000:223f:5e00:8:48e:53c0:93a1
2600:9000:2250:d200:a:e047:753:a221
2600:9000:2491:b800:7:6b7b:1000:93a1
2606:4700:10::6816:3556
2606:4700:3038::6815:ea92
2606:4700:3038::6815:ea93
2606:4700::6810:5814
2606:4700::6811:180e
2a00:1450:4001:64::a
2a00:1450:4001:6e::9
2a00:1450:4001:802::2001
2a00:1450:4001:803::200e
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a00:1450:400a:803::2003
2a00:1450:400c:c09::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:4780:23:fb38:ca55:149b:7fb4:e5a3
2a02:4780:24:9ad:b4:fee5:a15e:6e24
2a05:d018:d29:3602:d09c:564c:cd27:b30c
2a0b:4d07:102::1
3.71.149.231
34.102.146.192
34.120.135.53
34.242.245.123
34.91.62.186
34.96.70.87
34.98.64.218
50.31.142.95
51.38.120.206
51.79.72.196
51.79.79.65
52.210.22.122
52.28.119.39
52.48.81.28
54.144.205.34
65.9.66.122
66.102.1.157
69.173.144.139
78.46.23.46
88.198.250.30
99.86.4.94
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02f0f703fbc39f74414c414357cd77d8f1e7c208a8d5380f1cf98d5768429b6e
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0641d0fd41a1f9f87e52defda482dc8913044ab77293839ad071255ff1e134d9
07f1ace56a7af2f94582221c820a61ced64834e3b92ad1c459b3b72825d3e7f3
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d3ee27de593f890a6cc9951bcf36d8bd85a68654777fefdcc1492aca2c4f865
0de2a176ad08f62d4eb01561e51936094f156760b03746e2f17e69345824f7b2
0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814
0ff71d5065ac7b60128927f0519ef6ec4afdcad52b5428dabb3851ec339277af
11d8979e574565926525a6b71ef868c163eb760c566324365a11b3e72c8c2b23
128ee7dfb1288ef301192c216de02a16d74281eded353d17d6104af1db6ed2e3
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0
14364bf98604fb074fa18a57fd2bfe2c7623ef16f3bbb575a80c80de76f8f54a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1746d0f39d62722e598c64f983e1e1c3957253e80e2f15cb3a198093dbb0ecd1
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
194f9b1ad5c6876de8ad8f118602b6f5e19f84079c795dcc04dbd9381791f588
19b4de70690cfa260e519f17f00c2f7cf2ef3543e90ec9d6b071f575ae506be6
19b9aac3825075e1042edff03edeffacb5997e6ae4d08ac3a5d3e840a599c8ae
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2139950bb0334b1eb28373b38356567d694c11d614d8dbcff785b1400d75b0b9
227dbcbcfee239493cea1f2eceebf923bd768a4032d0af10b370dc35f4d114ae
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
291baf62c8f53332630e9d9ecef374d548be73af83c23bd9c11f1cd1fed717e7
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
29f042d1345dc3f04bcca4098635ac350095f142d5742172f8e914f9e8ac9ae2
2b1db638b8137df4162c3a0ce29d0d786422797cdea6483ccf9c616b90791a6b
2c9ac08c5d577d2712c4ceebe0bf9c83014aada61d8f6093130242c2ac7902e8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d76d4eb560f3f07393988e9f8f8425791f26d0438483c222ff53c73b9900be4
2dd06b032096e1ff1481bd84f3501f8ae944df52f65eafdf9fbbf9145c6d875d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1ae783e570bbddc7985c4fd7a6a9d3dd698a5989b6b2ca8aa0c7eb1b37e411
2f92f0adaf2370f83fcdb0a2001f2d1fd3192982ddade3c9e7853735c78accd3
2fcb5f0b3cc34d0486826ac2a84993cd394da356f6ea208c7e54f9d27a3e5a4e
2fdbb1c2b2ebf66dfa07949fc25b37a5b66a64e76b2b51d93821bd7756af7731
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a152da069782f7b75acb50f508ec2d99f697d2a65376fdbe846dacacf915eb
32b99b7648cc880c2c70ea717245a86a853eabd2f305af8db1027535677b9c4e
359bb2ce18858bd87a64bb12bd30bef0605b54123848444587a0c661a765bd67
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
380e838cbc880652638a2b380c6a391237b21e77eed478eb2febc9f9a312e469
38404e9bc23d0d853a8e26a1d578490460850b68bdc3701ce06ed20467bbfc92
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39c49ab95d287f24c6f616d9ddf4eae99f44ee8aa165bb419bfa56fb2d3185c8
3a312ee89ec5f18a416fb6a95ffa6f98c2f580d4542cdb271905f4c9823c5a7c
3afbda57c34b54d947c6bb3f937fc74100849573bc7e13816b02522ff1538107
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3c75bb3d00bf67f7eb542653159d395150d3fd94699e2cbb64f5e20ac54cb4d9
3cb379880cd9aa9e2d4c2499037469450ac8cefc07de4907dd928782ad1051cd
3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848
3e842f75b0b6696aa8536866a04e954e7b1f5a6117900f5831bd56eee9c11124
3e9277d621c6180949f034a6e3d69ceeb85ed8740f595cc1f887586ea88e8c64
3fc09a130820c5e03c7c87bfa89446e32fe19ba35adbadf252616fe2f158ba28
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4137ca4dbc6af096da3cac033360a1566c0355ee5ca220e3bbee30e181e973f6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43b383f74300298db317837e66d37f05ab2ec84f8236704901eb56c94634a939
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447070c93425ac71ab73129ec57e0293904deb6fab9d7798c64b99fd0369040c
451c6ad408582c07cee6d9d502b56bb3f982a2000bb2f6f28474aeead35a7385
459fd29bd44e6c75dbbce57e7b0efe135a57e198d265ec6a5930c912e214c29b
45efde479722891703327df01410cd0cef2f03c3c7abdbd501e2e4887a5fd052
466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495f4c9c2cc9d2ea92326d9247b9153a70081333fe635c95514181ae261c3d93
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbedc12e70ce6525551bd9f209384160f2c4ff68a6fe6e3ed80daaec1cec8c4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62
4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16
52770d7ed8a425cf298da4db7c8a5c4274479d5266d2271b448097ec0fe55129
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57dd6a980d3c8b433cb6c3539aac3498448de60beba2511fdf243ff4fe4e50c4
5bac43d16f70997c4c10534c904bd30c5c0a95d7b6fe7069f9fe491c91526851
5bfc8547b7dc530c22a9fe437c65e70deb8d99a381fb55d40da45c397c31345e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c62b517ffe1441829a1bd6ab8fa0e8738eb937ccdbd630808a381ee9a83a68d
5f9143e830a0b967a401b2f2472c0a02c3a8ffdfc40f53f8aed9d1154c236379
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
610124d58694e15dcfd3704b0ec282e934776e6d0cb4221047af3004fc6ca95e
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
617b086625bae27b106bdf422407f79ad3f3f60dbea160f7da77148a64c419a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6706e4b58b7ca3f57acefc1a41ef328f0f0ac97ad750d029c5690def1fc3cbe7
6712eddfa9a7084c0702cba4431c4072d0ad04a7fb6254871ddee177b2f32de6
680ea157971c77dd6f21d89407c5d3b10458b26c6e4219075e12e71a99b37548
690bae238da1d025e1400efc91217a8d9e33479a7f7c3dccd16d17204eb3c24d
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6a8f94aa5751b9410832e97b5049961c4cf9483c4047230528920e8a53e80cd4
6b0592c17dae6f17acb82625d235a0bc54165fa10269d0521d964882f5fabb04
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da39d7016983da78b0cbb621d5d26e753ffc8eb7185f3239aa6b97ec64c073b
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef
6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b
72ce3f8421841eb92a35f3ebcab516c060cb656e570bcb2c9c0eb077c19bf3d2
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
736b371994824d8b49bff02d6c1c87c98766fa43db4be62c6ae84821097d333a
7577537c77e5b09f279cad612a0db070908e6c02c7e744f25e40cb9a6d04ee21
7ac6c155aa063758c1222c3990d67266f05ada2514d4fe7485797a7d994706ff
7e56a842a5678e97055f0b4aaf6b0fc3e79cfa0c3d46ebaf0bff1807748e9ffd
80ffba77f81b5431329d5d6f73af0c4d9c2d168541a64d56faa12b7661520400
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83745af2c6c22c8f5bedf39c667c6c26cbcc334f8d5184679ad512e21eaa41e2
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
89ba1d7204261aca8c661188127e489e452157be8b33c181a0913803d90a4cc5
8d09353b5e1b06bc7a9f599b918ceea995fba474d305ff92c099501532027bc7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df0dd2eda15d87c893a5779875e5c4e99e525e65ce3775d809fcde28752d2be
8f097183aa55de8e731d7f219fe8739a0409a355db3918bc3a548764e534d8db
8f504076812628732919c2046c8a7c90759fa92c4a06b82c823219c6b42dab99
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
921855cc0d54c25fe1a9393a5b4f89b3050d4236b268bf509c2dae1d77a0c9e6
933c66152fd3dfd879a49b9da75a5157b9a37afde1ee7e8474e6b81632d8f092
982dc96e90397a3544efc19af229d80621104098c016124a48415fdde5923da2
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99a8f24280f9887507f9f5c531645166fef6ee2e079e14fe4295deba5b1e0e9e
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9ef61f64c59ab09b4c42ae1c91674f17f25f93ad2876c6a64bffc5883216c63a
9f47c55ec7912b9c5d35e1c6a4e645f4177f5ebedeb742bcb30e41c9b007810a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a2fad356b2d5119336e6cb3297068e4e39a9af3f0908ea8386ed09b3add27b7c
a4c85b1228a6283cdd61697b663680d84992b02a2e780f85f327a40ecce66fb2
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5e3a0b72eb8a471a8159f1804a0e0fd3bf544d39d3b850fd26f62a02d3ec660
a65159fc8d84656cbe2780e94737d6c9fb7ec222eef688ba6d833465edf720ac
a7052f376d2b4dad4f61f95bf516f246d5a87d944bb13362c62627228f2cf7aa
a714b17007676992f0c571ceabb1d24a69479d7e0393ed5433459701909e4498
a810b4c2ffea1a40047523d8c834c0ae660274466020bd02a337bc53c692f411
a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1
ac4c2ad5fcf743b75a0521ac4247780fd2d4ff7b3a527bb3e95be65c89c15291
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
adae88d827fbee7c03860b03951195d9b70b0e1660f245b713c789929e2b3da9
ae7ba12f368e82e80bfc013f9c7b4b6c64a6a7ec1619d48befbe5320c33ae478
af82cd92cb1df231870f60b847a411fcc4adfffef67f01fff41885828edee2e3
afe86dc7b6b877e78e6a28769d2a463343d220cf1922c3a733a8bedd976895f2
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d60002ba985d5f46e19650ff1c5d4f0299f63349a0b7073b8cfb46bf417613
b394c28b11e5ba1d0e8071b5cbc27cb04bff215fc9e3c01b5301116712d47890
b9d2ed3088e00909d76fefe4d6c2b837c9a8223b4a5d3efc1697ab3ca1431774
baf3a6616c444a15a7dcb2484fd3a4721a22503fc210169ab2adc8d6165ed636
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
bf6edf2641b7ceef04b0d11554630bf01346d52bf9841f43b981601083d0f587
c06a0e413fe6a60629d8259dcc0cef98cfa1a472d87f699e9149c75aea8ed98e
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c40f6594140fa5808113398ff89301fa113bdfed185aece5957b4bd738620968
c42aee7b6ddf1715a763e71e50e4f6f79b5e99ab95a4020aacdb86903f9ffff6
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461
c691572e19ed2e972be60459bb3c16e00eba1bd85ae4856804555f53973c0d45
c7587de90f8ba6bfbf27b176765f5d10d1fbbcb65b4753c355d952fd3b10e631
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca212a6d45038b16f7e2ee85414d0f67362985095eac9dc26a34e96d1ea529b5
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf52e2a9236efe7f7a8ec7d4fc0048c832141c7145d00edb38136252a77d1495
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
cfb8e4f1743b2af292f89bf8d74acd6cb223f344779ba19fbac80488dfa722fd
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d050c56b76cb2dae10e3eadd8e8f5e83594db0916d25946bec2f662f69dd776d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a0f6dd33c99969ce16612f86dd92df45cd0f380e1442ff6087fd48a75c8784
d3ccac4328249ba0e1a58f052042ea978d98b9335a091a2b1130d6e3fd9221aa
d5e37e2358f8f294116ec3482d779662b1c9ee8d76fd554c4507c61b49025f27
d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd
d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8
dc6d4293174b6510494ffab7a4ea7f7bd209e33b449a557fa949625a400a8da0
ddfef1883718681942a3416dafc4bcf4f0e306d3b41e779b3912b6ddeaab4e94
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27
e0018d3debe59f96c05dc04ae1fe54e88a54f36145c36194f544460bd1dc907f
e19ca0a7e27c2900aa7a2ce10c961d98599e542a44a82d8f90e93c5d8ebe4a79
e1c2ba085e19c1ac1ee71a5cab21e4c909676c822097bd7d7d02bed446e0273a
e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a
e360172b946b9dc3ddd890cea4e19f086f7b53e8b2a1f0ea3d8424c9e1b53998
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4469dd506952315dbcd398d2b630e2632aec6cfd4374de1aa48b4e6ddd7c0a9
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e64d5a72c7287c3d1112bcd246cf4f69c3be3f6eb5c6685b1cd63732e2acd38d
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e8290bcbfcb4d0d95b42539f3370a6f35922b4c0d425e0e345fd657276584f4a
e83728915097ca844c7ae675c20f8bb58799d20dd07292d813129f592984c1f0
e842512d81d3fe89c8c23d741d859e76e954c9b4eba6646ffe4860ec3133ee69
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e91c75e5bc4d41136139358f680cadb41cd8bacdafd607abff249e72bb9d7c0f
e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90
eb253ae288b6ced99c1996343154a62c9487bd3532bde5d1bbcacf7a12244fee
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec75971119338393914c15037706a684f44ce97105e89a57f521f47d33570b0c
eccfe2dacabb31d8c37f0ea1e035b217fe04d7d1c79367b674e7009dd0361863
ee87275e5e3f2a00a19c7849c5a6345b06315dee49212e9933ed4932ae4a281e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8
f0a83cece9c36a031be34bcc8f6261158319ab3974d37db801af7deadc133a57
f3ada978140a37cb15721509aab828a77aa974e69b66b1658c1f0056e7be5228
f4388cf4cf8abdc95f660f65d4faa298f644c7617663085396e6e7c4cd9deecb
f57eeeff70e24baf0bc00634fcf662f5bcd2e19a891b5226dcbda0084304411e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67a2f74d6947813ce0fb33b888e74591079ab75d95a7dd1b581f3b863e8465d
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f9445c0d46ad77cd39f68da39973510f68712a5b9e0c966735177e6464372a85
f95a1fda63dbf42a7e121cf09dc9efeffbd2a31958bcb3cbad4bc7562732ac48
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fcf326b98c14cca2229a115c83b81e573f1cb2d4411da5c18a2004cb08db39ad
fd593ea07b6941773988adeb86bad47a8b9b0c6e17913e44d0aa1fd6d7004683
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f
ffef2b07cab83ecd7a031073188b7077b15e1af20d085172ffb9f5685588ff9d

www.gaflaquiz.xyz Open in urlscan Pro 2a02:4780:24:9ad:b4:fee5:a15e:6e24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

583 Requests

92 %HTTPS

47 %IPv6

50 Domains

100 Subdomains

77 IPs

11 Countries

13339 kBTransfer

29424 kBSize

40 Cookies

24 Outgoing links

Page URL History

Redirected requests

583 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gaflaquiz.xyz Open in urlscan Pro
2a02:4780:24:9ad:b4:fee5:a15e:6e24 Public Scan

Screenshot
Live screenshot

Full Image

583
Requests

92 %
HTTPS

47 %
IPv6

50
Domains

100
Subdomains

77
IPs

11
Countries

13339 kB
Transfer

29424 kB
Size

40
Cookies

583 HTTP transactions
11 data transactions