URL: https://www.yyzzbaby.com/
Submission: On December 24 via api from DO — Scanned from DE

Summary

This website contacted 95 IPs in 12 countries across 65 domains to perform 490 HTTP transactions. The main IP is 2606:4700:20::681a:854, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yyzzbaby.com. The Cisco Umbrella rank of the primary domain is 106041.
TLS certificate: Issued by GTS CA 1P5 on December 22nd 2022. Valid for: 3 months.
This is the only time www.yyzzbaby.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:20:... 13335 (CLOUDFLAR...)
2 151.101.129.55 54113 (FASTLY)
36 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2.18.233.180 16625 (AKAMAI-AS)
6 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 2a00:1450:400... 15169 (GOOGLE)
13 54.39.16.115 16276 (OVH)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 8 185.89.210.244 29990 (ASN-APPNEX)
7 54.93.93.30 16509 (AMAZON-02)
3 52.59.97.181 16509 (AMAZON-02)
1 2.17.245.32 16625 (AKAMAI-AS)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 2a02:2638::24 44788 (ASN-CRITE...)
1 185.64.190.77 62713 (AS-PUBMATIC)
10 178.32.210.227 16276 (OVH)
5 54.229.195.56 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
15 15.235.114.204 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.97.88 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 54.73.211.146 16509 (AMAZON-02)
1 139.45.197.234 9002 (RETN-AS)
41 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
18 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 185.170.63.50 27381 (CASALE-MEDIA)
1 141.95.33.111 16276 (OVH)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
3 178.250.2.146 44788 (ASN-CRITE...)
8 13.32.99.28 16509 (AMAZON-02)
15 13.248.245.213 16509 (AMAZON-02)
17 25 142.251.39.2 15169 (GOOGLE)
3 96.16.132.239 16625 (AKAMAI-AS)
4 37.157.6.233 198622 (ADFORM)
3 104.109.57.2 16625 (AKAMAI-AS)
57 205.185.216.10 20446 (STACKPATH...)
1 3 2a00:1450:400... 15169 (GOOGLE)
4 2.18.37.133 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
3 85.14.248.71 24961 (MYLOC-AS ...)
8 8 52.29.215.64 16509 (AMAZON-02)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
6 35.71.131.137 16509 (AMAZON-02)
1 2 172.64.154.237 13335 (CLOUDFLAR...)
1 13.41.244.204 16509 (AMAZON-02)
3 5 185.64.189.115 62713 (AS-PUBMATIC)
3 13.41.112.146 16509 (AMAZON-02)
6 184.30.20.47 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
2 7 185.80.39.216 27381 (CASALE-MEDIA)
2 4 52.46.130.91 16509 (AMAZON-02)
2 2 185.29.132.241 30419 (MEDIAMATH...)
2 2 52.29.214.155 16509 (AMAZON-02)
6 7 3.124.135.253 16509 (AMAZON-02)
1 3 34.91.62.186 396982 (GOOGLE-CL...)
1 172.64.151.162 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 35.186.253.211 15169 (GOOGLE)
4 4 3.126.56.137 16509 (AMAZON-02)
2 142.250.186.98 15169 (GOOGLE)
7 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.198 15169 (GOOGLE)
4 142.250.180.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.129.108 54113 (FASTLY)
2 23.37.42.132 16625 (AKAMAI-AS)
1 184.30.20.22 16625 (AKAMAI-AS)
1 98.98.134.242 21859 (ZEN-ECN)
2 2 3.121.53.43 16509 (AMAZON-02)
10 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 4 67.220.228.202 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
2 2 37.157.3.30 198622 (ADFORM)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 1 162.19.141.161 16276 (OVH)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 4 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 ()
490 95
Apex Domain
Subdomains
Transfer
79 googlesyndication.com
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
ade.googlesyndication.com — Cisco Umbrella Rank: 269
437 KB
69 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 801
cdn.flashtalking.com — Cisco Umbrella Rank: 1126
ad-events.flashtalking.com — Cisco Umbrella Rank: 2090
stat.flashtalking.com — Cisco Umbrella Rank: 2352
824 KB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
pubads.g.doubleclick.net — Cisco Umbrella Rank: 404
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297
ad.doubleclick.net — Cisco Umbrella Rank: 161
372 KB
36 lrgarden.com
img.lrgarden.com
1 MB
34 vdo.ai
a.vdo.ai — Cisco Umbrella Rank: 21585
analytics.vdo.ai — Cisco Umbrella Rank: 20536
targeting.vdo.ai — Cisco Umbrella Rank: 23713
h5.vdo.ai — Cisco Umbrella Rank: 26002
4 MB
26 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510
ib.3lift.com — Cisco Umbrella Rank: 1261
eb2.3lift.com — Cisco Umbrella Rank: 335
131 KB
22 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 481
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
image2.pubmatic.com — Cisco Umbrella Rank: 852
image4.pubmatic.com — Cisco Umbrella Rank: 824
simage4.pubmatic.com
43 KB
18 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
eus.rubiconproject.com — Cisco Umbrella Rank: 529
token.rubiconproject.com — Cisco Umbrella Rank: 563
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
16 KB
11 yyzzbaby.com
www.yyzzbaby.com — Cisco Umbrella Rank: 106041
140 KB
10 casalemedia.com
a4338.casalemedia.com — Cisco Umbrella Rank: 315165
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
8 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1528
3 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 713
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
dis.criteo.com — Cisco Umbrella Rank: 658
9 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 576
25 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
6 KB
8 vtracy.de
red.vtracy.de — Cisco Umbrella Rank: 76758
5 KB
7 gstatic.com
csi.gstatic.com
577 B
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
2 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
122 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
327 KB
7 vidoomy.com
d.vidoomy.com — Cisco Umbrella Rank: 9018
a-prebid.vidoomy.com — Cisco Umbrella Rank: 12726
a.vidoomy.com — Cisco Umbrella Rank: 8039
2 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
3 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
2 KB
6 adform.net
cm.adform.net — Cisco Umbrella Rank: 1390
c1.adform.net — Cisco Umbrella Rank: 566
2 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 389
geo.moatads.com — Cisco Umbrella Rank: 674
px.moatads.com — Cisco Umbrella Rank: 442
110 KB
5 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 5007
2 KB
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 37
393 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2630
google-bidout-d.openx.net — Cisco Umbrella Rank: 2574
rtb.openx.net — Cisco Umbrella Rank: 1546
929 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26541
738 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
1 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1427
2 KB
3 exactag.com
m.exactag.com — Cisco Umbrella Rank: 10374
1 KB
3 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4006
2 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
10 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
s.youtube.com — Cisco Umbrella Rank: 925
63 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4459
560 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3857
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
952 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 958
id5-sync.com — Cisco Umbrella Rank: 413
17 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
41 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 267
62 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1148
contextual.media.net — Cisco Umbrella Rank: 540
9 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
3 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9099
12 KB
2 anymind360.com
anymind360.com — Cisco Umbrella Rank: 25415
138 KB
1 linkedin.com
px.ads.linkedin.com
706 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 2152
337 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2401
382 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
191 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 213
2 KB
1 googlevideo.com
rr3---sn-5hne6nsr.googlevideo.com — Cisco Umbrella Rank: 63651
3 MB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1782
174 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
352 B
1 bedrapiona.com
bedrapiona.com — Cisco Umbrella Rank: 49071
439 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2467
2 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2875
8 KB
1 inklinkor.com
inklinkor.com — Cisco Umbrella Rank: 74936
25 KB
1 reypelis.tv
reypelis.tv
857 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1377
392 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
43 KB
490 65
Domain Requested by
57 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
41 tpc.googlesyndication.com www.yyzzbaby.com
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
securepubads.g.doubleclick.net
36 img.lrgarden.com www.yyzzbaby.com
28 pagead2.googlesyndication.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
ib.3lift.com
tpc.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
www.yyzzbaby.com
securepubads.g.doubleclick.net
25 cm.g.doubleclick.net 17 redirects ssum-sec.casalemedia.com
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
googleads.g.doubleclick.net
18 www.google-analytics.com a.vdo.ai
www.google-analytics.com
www.yyzzbaby.com
16 googleads.g.doubleclick.net 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
www.yyzzbaby.com
ib.3lift.com
15 eb2.3lift.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
ib.3lift.com
anymind360.com
15 h5.vdo.ai www.yyzzbaby.com
a.vdo.ai
15 securepubads.g.doubleclick.net a.vdo.ai
securepubads.g.doubleclick.net
www.yyzzbaby.com
13 analytics.vdo.ai a.vdo.ai
11 www.yyzzbaby.com www.yyzzbaby.com
10 prg.smartadserver.com anymind360.com
8 red.vtracy.de 8 redirects
8 ib.3lift.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
ib.3lift.com
8 ib.adnxs.com 4 redirects anymind360.com
googleads.g.doubleclick.net
acdn.adnxs.com
7 csi.gstatic.com imasdk.googleapis.com
7 x.bidswitch.net 6 redirects ssum-sec.casalemedia.com
7 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
7 cdn.ampproject.org securepubads.g.doubleclick.net
7 www.googletagservices.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 simage2.pubmatic.com ads.pubmatic.com
6 stat.flashtalking.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
6 match.adsrvr.org 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
ads.pubmatic.com
6 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 prebid.ad.smaato.net anymind360.com
5 a.vdo.ai www.yyzzbaby.com
a.vdo.ai
4 pixel.rubiconproject.com 2 redirects
4 token.rubiconproject.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 ade.googlesyndication.com
4 ups.analytics.yahoo.com 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 cm.adform.net googleads.g.doubleclick.net
4 gum.criteo.com 2 redirects static.criteo.net
4 d.vidoomy.com anymind360.com
4 imasdk.googleapis.com a.vdo.ai
imasdk.googleapis.com
www.yyzzbaby.com
4 ads.pubmatic.com anymind360.com
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
ads.pubmatic.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
www.yyzzbaby.com
3 um.simpli.fi 1 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
3 ad-events.flashtalking.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
3 px.moatads.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
3 dsp.adfarm1.adition.com 3 redirects
3 m.exactag.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
3 www.google.com 1 redirects www.yyzzbaby.com
tpc.googlesyndication.com
3 servedby.flashtalking.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
3 ad.yieldlab.net googleads.g.doubleclick.net
3 mug.criteo.com www.yyzzbaby.com
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
3 tlx.3lift.com anymind360.com
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 a-prebid.vidoomy.com
2 eus.rubiconproject.com anymind360.com
eus.rubiconproject.com
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 sync.mathtag.com 2 redirects
2 ssum-sec.casalemedia.com 1 redirects 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects www.yyzzbaby.com
2 static.criteo.net securepubads.g.doubleclick.net
anymind360.com
2 s0.2mdn.net imasdk.googleapis.com
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
2 www.youtube.com a.vdo.ai
www.youtube.com
2 cdn.jsdelivr.net anymind360.com
securepubads.g.doubleclick.net
2 hm.baidu.com www.yyzzbaby.com
2 anymind360.com www.yyzzbaby.com
anymind360.com
1 simage4.pubmatic.com ads.pubmatic.com
1 px.ads.linkedin.com
1 ws.rqtrk.eu 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 a.vidoomy.com
1 pixel-sync.sitescout.com
1 contextual.media.net anymind360.com
1 acdn.adnxs.com anymind360.com
1 s.youtube.com
1 ad.doubleclick.net
1 yt3.ggpht.com www.yyzzbaby.com
1 rr3---sn-5hne6nsr.googlevideo.com www.yyzzbaby.com
1 rtb.openx.net 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
1 tr.blismedia.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
1 s.tribalfusion.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 js-sec.indexww.com ssum-sec.casalemedia.com
1 geo.moatads.com z.moatads.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 fonts.googleapis.com tpc.googlesyndication.com
1 z.moatads.com ib.3lift.com
1 id5-sync.com cdn.id5-sync.com
1 a4338.casalemedia.com 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
1 bedrapiona.com inklinkor.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 inklinkor.com reypelis.tv
1 reypelis.tv a.vdo.ai
1 fastlane.rubiconproject.com anymind360.com
1 hbopenbid.pubmatic.com anymind360.com
1 bidder.criteo.com anymind360.com
1 prebid.media.net anymind360.com
1 a.teads.tv anymind360.com
1 targeting.vdo.ai a.vdo.ai
1 www.googletagmanager.com a.vdo.ai
490 114

This site contains links to these domains. Also see Links.

Domain
vdo.ai
www.facebook.com
twitter.com
pinterest.com
Subject Issuer Validity Valid
*.yyzzbaby.com
GTS CA 1P5
2022-12-22 -
2023-03-22
3 months crt.sh
anymind360.com
R3
2022-10-30 -
2023-01-28
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-16 -
2023-05-16
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2022-07-05 -
2023-08-06
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.vdo.ai
Go Daddy Secure Certificate Authority - G2
2022-08-19 -
2023-09-20
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-01 -
2023-10-02
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
teads.tv
R3
2022-10-27 -
2023-01-25
3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
smaato.net
Sectigo ECC Domain Validation Secure Server CA
2022-09-19 -
2023-09-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.google.de
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.reypelis.tv
E1
2022-12-23 -
2023-03-23
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2022-12-02 -
2023-03-02
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-08 -
2023-02-04
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
cdn.prod.uidapi.com
R3
2022-11-29 -
2023-02-27
3 months crt.sh
bedrapiona.com
R3
2022-12-13 -
2023-03-13
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-01-15 -
2023-01-13
a year crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-11 -
2023-11-12
a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-27 -
2023-02-25
a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2022-08-19 -
2023-09-15
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
ad-events.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-03 -
2023-08-31
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-12-14 -
2023-03-14
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-12-13 -
2023-02-21
2 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-11-28 -
2023-02-20
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon
2022-07-20 -
2023-07-19
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh

This page contains 49 frames:

Primary Page: https://www.yyzzbaby.com/
Frame ID: 0BE84AA3AF3D8E270E3A134C5ED137DE
Requests: 174 HTTP requests in this frame

Frame: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3EC8FFB06B30098FA78951B6ED285760
Requests: 1 HTTP requests in this frame

Frame: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A19219A3A29B5B12310B870177A68091
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 30FA4989CE52F854035AC9636B27250F
Requests: 24 HTTP requests in this frame

Frame: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4ABF8D82D604740A8AE2CC2662459154
Requests: 18 HTTP requests in this frame

Frame: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1E0B32FC2250D19B86943A090384888F
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: 3FEE612A38AF9F40565A44CB091B2B05
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.yyzzbaby.com
Frame ID: 4C40F1DF054632A96816EB6B9ED40185
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNWfi4IKCxK1YKT0Ud31dxjMved-EuXNNbb-4oO63TAa7K8xIcfVLr_yWFAVDZ1h-WFpBtsCfepdjuA_QT94TEiCSSl_AeHh5BGfj4Po-6hM9KEMWv_HiV6tFIgn89QXILkj6CvKZwlzifCohXYWuu22cwcFDkxDTFIgeoXc_AACoiCGlx--8ylBzita7N8r58m_UVfk
Frame ID: C971C72540D041F538BC43C86037989B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNW6geXJXGwwisV4oLqQkyMzqe4vE7E__FOQELdXbsH402rBgE5S6e8EZ-aL9-9siPCdimlpSbt307oci4vMBSWjt_HHhEvtZPvG5WGcHSL5awtggqhA6kd4da91SippL_TsnJka0XdDoS5bQBWeP06wTgHRw0XsIAFf0w7Ww2dmFF-uPOs
Frame ID: F251A3CC845305197CB1223C7FE0EEB0
Requests: 3 HTTP requests in this frame

Frame: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 41892983F0860E999CC37C6A73325E7B
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D168926517F65771B1FE51D4AC171687
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 46817526546325A7A01F64FA325645D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNUXUgpWdAY5nJ2OyJ_oCNnq5wmY2exGQ1W1e_Hz225RP6yUW6-MEaMv-0q6vTTK7ATMxb4-jvxr0Ce-TICYa8iatazLqWXqc3i6JP9bTN2cs7v_M50n4DrJDeOqFHFoqLBCx_aIOayqh9aRldwBB-PRS8uZOOlYmf3LE9sbdIHxkjbnveg
Frame ID: 16B94D0EC7F288A5D7361237A3C6CBED
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6ZLEkDsC5uHMamJgyN-8ZQgB6hUI0NvcEFk1swd3e9AIYZn_VX_JC5QTL52u7w2hvfSLgXu_AxA0b3-kpgMOKc9zyZZH0jtCWI84-2iMsfdzJzBfGDX0aog0_GU94VOMjptPFwDBHr98sQ7we1vpNP9N5nqTXwmvtcSIRqgKt7Ea2Dak&cry=1&dbm_d=AKAmf-Bz35HnbD6COWeFMquv3p7CRy0nnona1xopPnOD1P45E81r7YxZ3puTK0QLhgJ26K_8udukYExAK3rzLk-vJCYed4ir3lSzPRFiygTNDUwUwTEjln8Y_U4bGlFB-dV6moKnebicRN9r9h38GuS17jI8mm04CV4VZ1rsin6pq6uNNww5fzkNWK9d06CgpcTGRaUBOQkY5oiaMMwxOlzBMnw88znnmCt-pVs6u-btbZBgCHEqRXB-C7FktyllwGTBZ19iQX3F7z_-F9k74WF1UeIFEdNOACy6AgXSZw_spioZm2zux1L8m-Kp0coawalBiYPwtEuaEVvWenmLlkHR41fYKLWGew6pI8j96VhzDxkQQt-KDajYuxAiaEIDiWSCOd3r0frZjtvzIxg7Ca54Bc_9gU8sYzWyfNAVds3oRrqiZjWkQ6aY3L-aG7XYCAAUl6mjMz9-QF1pnvRY0H6nFn5LH7lJ3AOLSiZ133nTLSwrwCi-CH-T90KG3-U8Feqt-nr61ALQvmZri9UocLCnWCZiNHmvxE7WaXeq6DpiZhJDFKEfMoVcdhN0UXc1h9c3ZST240EN7LZOtGntk1dQN5EXFYuJANwa1G8VuPG8HvRpHS6Aoi-4KD8OaSd_KzqlZF8kvMNs2COwl9kb0bJSv7PMlJ0osz9y27VBwgryItdwAZ2ZpyrtvR783ilapr8oXHrPjlcgspO2r4skCzZ1pmCkiLAzx2eAqM-69LPxYhAP5nHhk27F2c_EbSzBjW-G1RnYriIJ-CHKnzzuMpBO21sqcnszcv1urW8DypX2xkuzdmDkcs3S_Czc9Yrg8LH_RnwpUxlo1AW8beFwcsdkS7L5eRcJwOMi29S51D_WdrcOc5ujaHb8smrJorrPORa9AspDUePB7DXO0j5HlEzfrIMAi-bHXVeT7-leKgo8oGiiTtHsPY36RCJppgUYRkKb1zp_zSIkwx75z_BIGGK1KeHdtam6sQjuYFwb_8ZmX98piUzBxasuiyWno0deCAz8DV8CgfdiQc3g5e-BDC5S_Djj1cBm53Zeofip_g0aJ-FQleC0xWMJmUEcaUY6hAXsnIZZOzXUc67dhwbVoGF6j8tePGUz48X9bupNPIbegOEOSJaEkbpstbAhENz2mVPg4Kbd9PxZD6tWH8sujjKHee0fYPAuQILRqjPfbF9Re_ItYfj_j7AKVWAiYjwQ51xnKodinvolt3Elr5pLfOS51P0SnAl-IYzxsXREJzMDMvT2B24zw2HPObyJzGjkk8bhSsOeCn20pZGXomV4J4t2ErKXC9TBIwp7aoCUtutaLrJqT7kdlQ1EMDy42w0HBNRfikfFqfHAeMUosMSVxZ6byHPz2VReMCCqsQCUOcANtbLBFiA9ZrfCQWusSS6dJzGfwPhoUmHqYDD35Y7IzH-1HjAZZViQ5w2xJ-HABsyUWAeKUqABBchzC_DM2Y6SUcNjrILuPEM9wJ40Updu0N-Z37lL2Y1TMVxPs9sX36s6-ENccs6rT8YKX9aq8P-mMLj7DOMPQ6GRAHCCMnVVafTFOQnQNKswfXZqQTlZxlMS9LnpdtyzCCd4rTXyixAoI3P28CHOf5NBN9f2YlcrlSxqgjNlHo5sRltMIA2QzJfGFmddxTBuTHp6sr7TtqZOIyU0XQiWQADtfPjNASGSlqbOulIyX-fb9NuOPNigiBRSOWVSt_WWfE4x7vrUuJdu5OIq6DmGxoSz6bblhgMq-tWtJ9p9uRZ8iTAgl02eg8xxxJ4vliXxjLA8ktjbUhWFmL1lkVC39zEEzXHlnWddFLX419pouDOlcGQGlBWU_AMmoOVPnXM4zJW3A-wxeytkgqMgNlqeHdnG5TwR4-BgOi1YmMC7dYYsJFFTuetNSIUzJFio2sfZweUldm9y2BlkTA1JYRJ2BSmteJ9BBe3TNsl-JZMQ7ttcy5HuC1IjudWDQo5dGz1zuTh10NSEDJWVv74ZT1tHx3LkU2wQL7uwGaUVyioXzuCVf_X5v2tivBMGMegYOE6nwBPemOm_cOIRBBe03HuyfebQTgPuC5R02CdyGFie7wp3_49rk8WFwIBEtGi-upRZXLZr2qAwkicPEvPi0RCCl4l5OONXQA3k3zcT75NU-YAT-_ScpVuWCmnjsTngu0Q1CQFGIEf9JYYY7jY4yVbIwAB7d6DSO6uU1dG7d9VUScTccdH5BBDR7hiwvy8szNaywZMMEonuNLmcUCnslroT1iNDkGw6EsM92XP9F5C4rDTCdTKgmADyxUZj4xInGO1oVmusaui4HaEjtiei1q50TwlUaVKOQ_pSjRMlJLKW4TR8Q91a2ciDDTiBTIK0aTzPral9ZqQGZFmmvYv0gj-d6Y5QeNlxNljRqhUUsit9DFozK22bbwq1kegPCEHM_yhr5ao75OIi0Jfbe3pONo12GC2a5naynUPiulLVBevoenDX1kGLgUIC3A93ch7AdJAW6YcyKTgln5rClpFzgYV0a7Z7Ll2dgeLQ4ZhDHXflyBiLyjiHOrK39hrec9SwNaMNhKTWKNz5QXJDlfbYx6V69WM1Wd7drQr1MfR1lXAbkiszv5aTY6urPuRJrLeoXIaEnTkwlN_MnZUvEJllcfVC6Wnf89__bbpBVnoObzhuIjaj_sXQ0kdlt9WzsT2YQ_3qudSRz9p8FK1LxOU_6Z7JepkZBlkGWKi_B_3OSw2eI6AGdx92Teg5YMPQ3CcZL1vhkC5i8TQystDU3jOPrZ_WkCtP_6AjJut0xUaeXDAN_WMIIxkF5hmhAHbedEdBIpsqEXRpypKmLkja2699Ge4op2k2uxffNyKxIbnqvzRjEZ1DlOwHIFy7RNIRGMlI4G9hjTT6AIUMl1iLEZkxmj0hMUL2CMdYUSO76kjhpxLWePITHcn0jODgVgSKgx42lvRhnqWkKewai8h_zvsf2rTeLowuOfKPsmfoPC7NsvyIsngSYPrAw4DnTQxMkgnNgpMEOjYaiLf_88_VBmYU0hOdbZ_x6jfpeBQU9xVX9vjZktvBR1U1DgeVvbNQwmIQRR3G5_-7LfCtjRfgLjJ7NboLR2CoubrU9x1c8N3iN9xGT9juwIM-URC7ktqywuqcFQZIyYhk5F-i7w6t89QiU8PXJ8dGH38f_kBCdPivfBzYM-iAgLlneY3vz7wZ_Wofmrq3cBpn0JKLDH_YAdHLgWZ8aob11DlQg73uN24Edu1dPm3TqyOFsDiE8bjPkqB_-hWtNDg4n51FXt1dQYv6YOfOmnt4aBjXDb1n9H5yyLNDmtEHBXd-txT_QfZGgA23ywgODoyIqExkU4EXiNfvbMRQqSfRuSBppsj-z403X_JshnQ1IWASw6ZJt7Nf_AvehKBUxzGletejDu3pDY-z-zprw2kxTfgrGW55rpGvmcXxsAyoVZXYOQp5Nrlyzl44tZOsH3D27rXMPwmQpI84DDTiJIK3SssZzV7l2hwn9qa8cNKI80XN2l66cIS_VDzdXBZRuMRRid14K3E4MerE-etu6zB_0_zNHtn_nTqmzk0kNFRcB4LL6Q6RfTx0OpDPjUyzYZtiB9XZ1E14u8tF3biWxIMA&pr=96:0.07&cid=CAQSGwDq26N9DAWeBsibWYRpyS54r2mJwXti1_AzmRgBIAo&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Frame ID: D590FEF47E4A890927BB3E8BDED2A01F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F11B1636BAC1765FFCD3B3CAA3CC8966
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F16F50A72972F37CAB1DF138E0DAE95A
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: DF6F2050BAD6906466EFB995BF045418
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/170119/4082875/main.html
Frame ID: C53DFCCFC4D8CB0A7344A94124B22004
Requests: 17 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/170119/4082875/main.html
Frame ID: 6AC349502A0A92E2EC458112F0EA728F
Requests: 17 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: 6813F90FDB1D4FBE57A58BE858059E45
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BF6DFA118AED5B629A73839C86B0C8BD
Requests: 2 HTTP requests in this frame

Frame: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7939E55E748DE848F16FD03AD981A0FA
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: FA87E8A348468E0C5E93FD416DE0F1E1
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8328A1017C4DDAB1C7BDB90F56B72BB0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F4A5894B55C7442FF124C469D572256
Requests: 9 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/170119/4082875/main.html
Frame ID: E9C2B69E9C0BB37C8B78A37C6C401C72
Requests: 17 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6E8B9F069EF2C17B07DA51EA995FC91E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCENfq76UCGOitjMkBMAE&v=APEucNUEROQUdfZSN0VLUz8Z2hkld0Oix6hfUSAvWZSNHW1yEEGgXZiQjAgt2-PitmdXebpm6RC7JlwP0NqEuQNnutsFnmKNutPTkgYzLYhENuwl2grgOFyN42U0zJafIvYPxn-Kprzm3vIfWkba4hRc5nRSzZWSCcfcDJoIj5hRpkA6KG-90gE
Frame ID: B616F734BA7ED6ADF1C0A11EF3917958
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Frame ID: 38F83E2228267188177C6B4A671F3222
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 565F0D5F7E68DAFF82ED8188C7BFA6B4
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=70415
Frame ID: C319BB6812246FDE61EC0E7F0C3925F6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Frame ID: AFB006F16AF8A20F3CDB04B8D673DE28
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=71599
Frame ID: 81E23BEE629767921DE3AAAFDD849305
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 70F8F8B73B56FB5138D190FFDE3A615C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2F1FC069860FE346CE15E7726924880
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5009B0DEB081D05983BFFF99A9DE3535
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: 660D14774367B7CBBCA2362B06762852
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FDB2B49F1BEF89E7E9A7193FADD77525
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EF1175AD13C49746805B825C8E44D9F6
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C182%2C141%2C222%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 32F00692097019A0E88585B656AAB188
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5F4F0223CE6B4FF2C49B0DFDC9D1DED1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:989163a6-eba0-4900-882f-4601cb76453c&gdpr=0&gdpr_consent=
Frame ID: 1294083428993AA91A6AB0BE5FCEFEB2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=615023845212102004
Frame ID: 0080EDA04D356A06CB4C719854E00702
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7EACE247EF4B9737F4FEDD0BCFCD4263
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2933A2B5DF8820039AC4564CA35EC393
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3947707574299169722&gdpr=0&gdpr_consent=
Frame ID: 7985879C8C821AA33181E7E57C179379
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf
Frame ID: 404689F8A955E94468F4F024ACF3C73C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180685719748933776&gdpr=0&gdpr_consent=
Frame ID: 4BF3C8D4F7D12B0C85609369247E88A4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

YYZZ Baby

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

490
Requests

90 %
HTTPS

36 %
IPv6

65
Domains

114
Subdomains

95
IPs

12
Countries

11687 kB
Transfer

18108 kB
Size

80
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 163
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.yyzzbaby.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.yyzzbaby.com%2F&rid=esp&cc=1
Request Chain 164
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yyzzbaby.com&sn=ChromeSyncframe&so=0&topUrl=www.yyzzbaby.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=xH0hJ3x0M1dGekF6SVdrQ0FZWWg0OWJpenk1MDFGQzh3b1NCemVzeDZ4Q1FDOTVzRm9ITTZPbDFOTGNtRk9sSHpFbDNTZlZDa2pORGRXeld4WTlBaEhuNkpaTDM5eFQ1c2U0OW9oRTFGWEszaUVMZzBZQnBkRFFTRmdqWVU2aERxVzFyTW5idmQ4Y1NPbEkrS24wT1VBN3BNSEx5eVR6YWw0TkQ3dTZxWExwU3MvZ3dFUkIxWlExNkN4NU4rVEN0aCtKS3ljU3FzTVk1eUR0S2NnVjQzSFA0TFAwc2JFMUZadDVyd3FKSnYxWnpQZ29LeTA5cERNMnAyV2xCRXowQWpLZ2NPZTM1ODVwY1dwSGRPU0N1OGNRdXMyZz09fA&cppv=2
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENNE5AvKIBysh8sBz1l4kpQ&google_cver=1
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECMTGvQvtK2WEfoN86oVxMI&google_cver=1&adform_v=1
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
Request Chain 195
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 223
  • https://red.vtracy.de/img.tr?tr_adid=k195196_s15874_p6882479_c4082875&tr_div=ftdiv6882479&tr_sync=true&tr_mid=5471457E13125D&gdpr_consent=&gdpr=&tr_uid1=FT&&t=878005206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678581&tamgdpr=&tamgdpr_consent=&request_uid=Y6brngYv7y4zRL23E44s5AAAAIA HTTP 302
  • https://red.vtracy.de/tr_cm?v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678581&tamgdpr=&tamgdpr_consent=&request_uid=Y6brngYv7y4zRL23E44s5AAAAIA&google_gid=CAESEJSfxJ5PrLvpvNCiQjAKx68&google_cver=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-25bc84e2-726b-4108-98f2-63755cb83e60%26adid%3Dk195196_s15874_p6882479_c4082875%26userId%3D%25%25COOKIE%25%25%26tr_timestamp%3D1671883678809%26tr_run%3Dfalse%26tr_ttd%3Dtrue%26tamgdpr%3D%26tamgdpr_consent%3D%26request_uid%3DY6brngYv7y4zRL23E44s5AAAAIA HTTP 302
  • https://red.vtracy.de/tr_aa?v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&userId=7180685719748933776&tr_timestamp=1671883678809&tr_run=false&tr_ttd=true&tamgdpr=&tamgdpr_consent=&request_uid=Y6brngYv7y4zRL23E44s5AAAAIA HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brngYv7y4zRL23E44s5AAAAIA
Request Chain 227
  • https://red.vtracy.de/img.tr?tr_adid=k195196_s15874_p6882479_c4082875&tr_div=ftdiv6882479&tr_sync=true&tr_mid=54719E56D09C10&gdpr_consent=&gdpr=&tr_uid1=FT&&t=270578767 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-91ae40c2-72ce-4a83-9346-af7741764818&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678580&tamgdpr=&tamgdpr_consent=&request_uid=Y6brnn3qUHDHmqeNYlWn1wAAAAc HTTP 302
  • https://red.vtracy.de/tr_cm?v3=vi-91ae40c2-72ce-4a83-9346-af7741764818&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678580&tamgdpr=&tamgdpr_consent=&request_uid=Y6brnn3qUHDHmqeNYlWn1wAAAAc&google_gid=CAESEJSfxJ5PrLvpvNCiQjAKx68&google_cver=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-91ae40c2-72ce-4a83-9346-af7741764818%26adid%3Dk195196_s15874_p6882479_c4082875%26userId%3D%25%25COOKIE%25%25%26tr_timestamp%3D1671883678809%26tr_run%3Dfalse%26tr_ttd%3Dtrue%26tamgdpr%3D%26tamgdpr_consent%3D%26request_uid%3DY6brnn3qUHDHmqeNYlWn1wAAAAc HTTP 302
  • https://red.vtracy.de/tr_aa?v3=vi-91ae40c2-72ce-4a83-9346-af7741764818&adid=k195196_s15874_p6882479_c4082875&userId=7180685719751489690&tr_timestamp=1671883678809&tr_run=false&tr_ttd=true&tamgdpr=&tamgdpr_consent=&request_uid=Y6brnn3qUHDHmqeNYlWn1wAAAAc HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-91ae40c2-72ce-4a83-9346-af7741764818&gdpr=&gdpr_consent=&request_uid=Y6brnn3qUHDHmqeNYlWn1wAAAAc
Request Chain 228
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
Request Chain 275
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6brngDy3T.SrBxh72BEjQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
Request Chain 277
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB&dcc=t
Request Chain 278
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989163a6-eba0-4900-882f-4601cb76453c&gdpr=1&gdpr_consent=
Request Chain 279
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jOCuwdkt1P93jM5&gdpr=1
Request Chain 281
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 326
  • https://red.vtracy.de/img.tr?tr_adid=k195196_s15874_p6882479_c4082875&tr_div=ftdiv6882479&tr_sync=true&tr_mid=5471A0FFDE97AD&gdpr_consent=&gdpr=&tr_uid1=FT&&t=210139801 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=false&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678960&tamgdpr=&tamgdpr_consent=&request_uid=Y6brnsS-PvxS91DEnXqFUQAAAIY HTTP 302
  • https://red.vtracy.de/tr_cm?v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=false&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678960&tamgdpr=&tamgdpr_consent=&request_uid=Y6brnsS-PvxS91DEnXqFUQAAAIY&google_gid=CAESEJSfxJ5PrLvpvNCiQjAKx68&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brnsS-PvxS91DEnXqFUQAAAIY
Request Chain 347
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL7E0F6eGmSYBfV4VHWnYK0&google_cver=1&google_push=AavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL7E0F6eGmSYBfV4VHWnYK0&google_cver=1&google_push=AavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 349
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA0hDzIte6qsqgpNF5ZSSQc&google_cver=1&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsxtlnlHJbb HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEA0hDzIte6qsqgpNF5ZSSQc&google_cver=1&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsxtlnlHJbb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsxtlnlHJbb&google_hm=wmFNJNW8SeOwjcpVaf4EyQ==
Request Chain 351
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHxf-zATQwdSIPc6YmxpAnQ&google_cver=1&google_push=AavPq0Mn6TTkbsEDnQ3CzSVxjBJfASI2cQrm9xTFiHQLFYHwosVVmDauGxPwxL4AiMXz5LEzxP04LsmcJliNFrehAPR2QX7K2dp6 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHxf-zATQwdSIPc6YmxpAnQ&google_cver=1&google_push=AavPq0Mn6TTkbsEDnQ3CzSVxjBJfASI2cQrm9xTFiHQLFYHwosVVmDauGxPwxL4AiMXz5LEzxP04LsmcJliNFrehAPR2QX7K2dp6&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Z7Z1EGRlSPX482oORdGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Mn6TTkbsEDnQ3CzSVxjBJfASI2cQrm9xTFiHQLFYHwosVVmDauGxPwxL4AiMXz5LEzxP04LsmcJliNFrehAPR2QX7K2dp6
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMEnYJ1x2GdcrWqMyrEp8dQ&google_cver=1&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_DIpEH4N0xoc9ZreoWlUjKsGI8BaRDdkSoZhDHbbqTWa_g HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMEnYJ1x2GdcrWqMyrEp8dQ&google_cver=1&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_DIpEH4N0xoc9ZreoWlUjKsGI8BaRDdkSoZhDHbbqTWa_g&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02M3lKSGhwRTJ1SFg1d3I2T2JHZU90NDhQTThzZTBZen5B&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_DIpEH4N0xoc9ZreoWlUjKsGI8BaRDdkSoZhDHbbqTWa_g
Request Chain 354
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1
Request Chain 355
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6brngDy3T.SrBxh72BEjQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
Request Chain 356
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEMesDaqerf_rSaPsH9hfWI&google_cver=1
Request Chain 357
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0NzcwNzU3NDI5OTE2OTcyMg%3D%3D
Request Chain 450
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.yyzzbaby.com%2F&domain=www.yyzzbaby.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=r6f1SnxUYzhZVUZvRkFzNXNPTERWRWJaQmlhd3pWMWd2RG9GLzE5VnJjK0xkWHhObGlSRWVmbU0xMy9KajlpLy8zQk5zdUFpSlFKcUZQQ0Zob25FQzRiNSs0WXk3UVlMdGxVVEV5ZFEvQzNENFFvS1o4U3l0S0lONGpmVnFzTUdaNFYxcVQrV1ZtcElReW8xd2VSVlRvWG1zWWlQdUVRLzgrOGdVRE5EUElRaG9qYVM2Skh0bGZ6N051R3JtaUJpRldIZzg2c2QxM0FOTmV4aDZkTi9mdEN4bWMzV0tvejJoa1lLSlhyOHBxOHk2bVR1VlZpWXRVQkFRZ1gvUFhUTTVKdEgyQ1pHL2tSTXQ3SFoxUHp1ZVdXalFZcmQ1c1JrWC9oc2w3TjZoMTVwYVZuST18&cppv=2
Request Chain 459
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-D8qGPaBE2uHs4vom6KmpGOt1ui1LJcIBmDpcRBM-~A&gdpr=0&gdpr_consent=
Request Chain 460
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3947707574299169722
Request Chain 461
  • https://x.bidswitch.net/sync?ssp=vidoomy HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=c2614d24-d5bc-49e3-b08d-ca5569fe04c9 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=c2614d24-d5bc-49e3-b08d-ca5569fe04c9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=aee1031c-7cdd-4bdd-a927-b2b64b1dd078&ssp=vidoomy&expires=30&user_group=5&bsw_param=c2614d24-d5bc-49e3-b08d-ca5569fe04c9 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c2614d24-d5bc-49e3-b08d-ca5569fe04c9
Request Chain 463
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:989163a6-eba0-4900-882f-4601cb76453c&gdpr=0&gdpr_consent=
Request Chain 464
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=615023845212102004
Request Chain 465
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 466
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 467
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3947707574299169722&gdpr=0&gdpr_consent=
Request Chain 468
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf
Request Chain 469
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180685719748933776&gdpr=0&gdpr_consent=
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Z7Z1EGRlSPX482oORdGA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 473
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=611868835 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3F767B67-5106-4654-8F5F-8F36A0E45D18
Request Chain 474
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y3NjdCNjctNTEwNi00NjU0LThGNUYtOEYzNkEwRTQ1RDE4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 475
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC3Jj8zo3BEik71W02eJX6U&google_cver=1
Request Chain 478
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5463142829037364157
Request Chain 480
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GzIz59BE2uUYR3IgCMwnlaZjYSFK7Ho-~A&gdpr=0&gdpr_consent=
Request Chain 481
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2614d24-d5bc-49e3-b08d-ca5569fe04c9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 485
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ4MWU5OWI4Mjg3YmUxYTM4YjY3ZjBkNzBkZmJkNWNjMjYzOGM3Yg
Request Chain 487
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxV0RIQTYtMUMtTTFVTg==
Request Chain 488
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5iSk1RvcSiysRB24uuymlQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5iSk1RvcSiysRB24uuymlQ
Request Chain 489
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OgBcQPnqLk1aF_ShlvV6GMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ioXhuNRE2oItbsI0bqNRozXZ7jZ1cTlo4Wo35A--~A
Request Chain 490
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1WDHA6-1C-M1UN
Request Chain 491
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T57XCnRfSEWqSrU5E6nd0w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T57XCnRfSEWqSrU5E6nd0w
Request Chain 492
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGSK9umQeDICf2eIRJHNAuU&google_cver=1

490 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.yyzzbaby.com/
53 KB
8 KB
Document
General
Full URL
https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
ed964e8aa4636851968b32e78851e4c45abc2d69b14af040f4ced779af6a7285

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
77e9382f2af39a15-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 12:07:56 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOP8Vum6YhD2Xgw3EfyZRlR24XFoWgHRX%2FZKaCQxl85gR306tP9EIlj9LwF5YDNEXUX%2Fsh9Wua4G0%2FeWyr7%2BUEuKflkvL5zmIsr%2BgsCx4P%2F7mE%2FJe5L37RQIH1dGA1ujxapqciaMSN%2BjV%2FBki24%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
jquery.min.js
www.yyzzbaby.com/files/js/
85 KB
31 KB
Script
General
Full URL
https://www.yyzzbaby.com/files/js/jquery.min.js
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 04 Apr 2018 03:11:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmBONc3Y74UpNdAdTc68e8VBbkXI5VWnzeEz2VN42xkMuQ6gdXVn%2BSfaCTzTaiDQ%2FPbLeVZ0LUZC4BlW31ODyIyQcQ6YzynSuKMFTRkuIKtEe3gMcMcK4QN52Zjb2v1xUNxGuRSbAg58A9mGvE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
77e9382f6b6e9a15-FRA
expires
Sat, 24 Dec 2022 13:07:56 GMT
ats.js
anymind360.com/js/7735/
137 KB
32 KB
Script
General
Full URL
https://anymind360.com/js/7735/ats.js
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4d84c0dc0fee49ba1d62f95002673c1681cee960bc64ed67ddb4069ecd6753d1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 23 Dec 2022 11:57:45 GMT
date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
87011
x-guploader-uploadid
ADPycduUi0BnzH5wYagN4Jywe2O3rn5pLRdOirJLFJxC4rfaSH9XFigiyv82WQyUramCnuyr60s8dlW4JeMdrF5ArWNHiA
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
31948
x-served-by
cache-tyo11935-TYO, cache-hhn-etou8220055-HHN
last-modified
Fri, 16 Dec 2022 11:20:24 GMT
server
UploadServer
x-timer
S1671883676.085657,VS0,VE0
etag
"250391a2846a14caf6457370d3c189fc"
vary
Accept-Encoding
x-goog-generation
1671189624017192
x-goog-hash
crc32c=eLMmZA==, md5=JQORooRqFMr2RXNw08GJ/A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
31948
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
95, 2
index.css
www.yyzzbaby.com/files/dist/css/yyzz/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3a7717de7d3df6c1bddc599b5dfe15a71d3fe2b4e4249b196ec4209bc9c2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Thu, 15 Sep 2022 03:21:36 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=11516
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2Geyu7onYVUye5YGtDpJlFN28EbrCRB7Ft%2B2hpSgrLhLo11G%2Bt3SB1pbH4%2FfcbgzJ7bwnyHg%2BIWKNQKGO5Pdijgl%2B8drvQ2tNSpew676PTYnLwTNfLitOj7vaobvEnAf7KM6C1XDvwznan%2BxBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77e9382f6b709a15-FRA
expires
Sat, 24 Dec 2022 13:07:56 GMT
352.png
www.yyzzbaby.com/files/images/yyzz/logo/
4 KB
5 KB
Image
General
Full URL
https://www.yyzzbaby.com/files/images/yyzz/logo/352.png
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6cad571a51929df501cf37965050f9b95588f53ff99bd1d8e84e18838607b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Jul 2022 03:37:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1195693
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVjSYy%2BH%2F1HRGBuAwkPXTZFIjBAC020lffT13soaR8dAfk3mYWrdXEFogfIDKGvCyeEQvhvJOTtZuneeKjjLkYbuS16wHSb%2FRsB6XGBo3O3c3Ui2qRl8ISHa2qo3q%2FhnMBunkfKvF0ljDK6xnNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
77e9382fcc3a9a15-FRA
content-length
4429
expires
Mon, 09 Jan 2023 15:59:43 GMT
2002139261_24252_1671671792.jpg
img.lrgarden.com/feed_pic_2/p600/125/48/
62 KB
63 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/125/48/2002139261_24252_1671671792.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d9aee23556fe305cf14f7df66640f17665da60952e09bfee209a4a3e10f336
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
186001
cf-polished
origSize=67243, status=webp_bigger
content-length
63562
cf-bgj
imgq:100,h2pri
last-modified
Thu, 22 Dec 2022 01:16:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5i3sLbG%2BjJTjj3h5R7RUPQUaEEsM5zTinbE4KQmJpfduCarwJBpV7bO%2FcZ6%2BRXkA5YFDBeB0gGaWVRPkwi3ecwMIAjb5Auu6NTcmc5mEkYDKg5NQ69uoGEANpksEAsgvYL45Rj0i4O93RVlQ2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383008288ff8-FRA
expires
Sat, 21 Jan 2023 07:42:23 GMT
2002139258_24252_1671410567.jpg
img.lrgarden.com/feed_pic_2/p600/122/7/
69 KB
70 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/122/7/2002139258_24252_1671410567.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a30a6b65c41c70772e7cb14c88c2b7c9bbd617147f04c74e333638f1eb46b00
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445312
cf-polished
origSize=75843, status=webp_bigger
content-length
71061
cf-bgj
imgq:100,h2pri
last-modified
Mon, 19 Dec 2022 00:42:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzMYKVuSirS4cnPN2RzcNo%2ByEIdFnoPwhGxTOZPT%2BXNfsNf9%2F0a2jRL9vIvykykVvjh9n5t1j%2FjXjwyUXA6IlgBe6VtCBpHGfBUHF3tI5xJnah1UsPT91BBPPnY%2B0D4QzLV3nF3u422JQ5JsQXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383008298ff8-FRA
expires
Wed, 18 Jan 2023 07:40:36 GMT
2002139256_24252_1671179339.jpg
img.lrgarden.com/feed_pic_2/p600/120/11/
16 KB
17 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/120/11/2002139256_24252_1671179339.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9caa3b8b22355ca3cf4ab4a42bde2fbcf10d7ae1f7bdeea40b92dcd51ea1907
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
691402
cf-polished
origSize=18431, status=webp_bigger
content-length
16609
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 08:28:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BErQOtl6PSrDhNfAaoHBHflO17MbV3vYzFVPPvHch%2BJDFsmlJNO1EnAc2v1Tp4I%2FoneX6c5u%2F4iUo5zOuljVb65n9Y1bb%2FHeyQevnXfenZ9Tur7XoZRforuhNWs%2FriXn3zaXbH8VAEZmiE%2Fw2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830082b8ff8-FRA
expires
Sun, 15 Jan 2023 11:19:11 GMT
2002139254_24252_1670977413.jpg
img.lrgarden.com/feed_pic_2/p600/118/5/
69 KB
69 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/118/5/2002139254_24252_1670977413.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b812885648b40e2a26eea562a823b6b59815ffbb94eb059f693e8848b2f1da95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
877369
cf-polished
origSize=75734, status=webp_bigger
content-length
70503
cf-bgj
imgq:100,h2pri
last-modified
Wed, 14 Dec 2022 00:23:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV1XXBv6yGsrTMc9gNXirWCcoB4A5xR1BHo2wC17yXetdERDJn9gVta17UcvVqXLoVZv6k7yh5L1v5OeotJBOh55%2BqxWqZYG5LgOiMkJtjXrupCpVZaXceqRCaKGZAhny4%2BsmZ4rQCNXW4F2GGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830082c8ff8-FRA
expires
Fri, 13 Jan 2023 07:39:46 GMT
2002139251_24252_1670547508.jpg
img.lrgarden.com/feed_pic_2/p600/115/52/
30 KB
31 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/115/52/2002139251_24252_1670547508.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7430434f3c19cd05cffe74ec0b16c2b695f730cbde8ccb8a8f3b331d90fa753
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1326122
cf-polished
origSize=32657, status=webp_bigger
content-length
31039
cf-bgj
imgq:100,h2pri
last-modified
Fri, 09 Dec 2022 00:58:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEwyOWQi6qmYnaMLseshBOFwY5Z1CJIpc1HKSxYyDSkukhKgCpOtA9IhrzyhONOfJ%2BsWYW61OwSa6gOs6cBSDV%2BFYuvgm%2B5HUGHUXmpeb%2BGKTKN6Pm1WRmzrRN2A1%2FvU7i63xSzJsvbMVuZ2oZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830082e8ff8-FRA
expires
Sun, 08 Jan 2023 03:00:41 GMT
2002139244_24252_1670201624.jpg
img.lrgarden.com/feed_pic_2/p600/108/24/
76 KB
77 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/108/24/2002139244_24252_1670201624.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b653c1bf24cad57820eb09c7955c744567fc06fb5e333634d663b9e538240097
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1667837
cf-polished
origSize=82300, status=webp_bigger
content-length
78146
cf-bgj
imgq:100,h2pri
last-modified
Mon, 05 Dec 2022 00:53:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2YjWTXvR%2FZENxG5qqSpjpBixYCE%2BBEdYfSwLdxOe2kiBgQkZ%2Fsnu5obciXuOHqdly40FXLW6DeYhQTPcIJcIx6AU84tkVqIVcGJzalaJDcV3js%2FF5sNRZvagbtHTd4RtijFVtd%2Bs%2FCh%2BotNW18%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383008338ff8-FRA
expires
Wed, 04 Jan 2023 04:05:32 GMT
2002139238_24252_1669681868.jpg
img.lrgarden.com/feed_pic_2/p600/102/12/
62 KB
62 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/102/12/2002139238_24252_1669681868.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7064222dda30364ef7ad969521cbf75891b23b6c6b697e1685ab799d9b8550a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
735780
cf-polished
origSize=67225, status=webp_bigger
content-length
63062
cf-bgj
imgq:100,h2pri
last-modified
Tue, 29 Nov 2022 00:31:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVurI0G5%2Be8zywjvv1w%2F9hm4D9mVoMi2NTcctEI9YbYM4JrL3dhLVVRE0LjNNCrwNkjv1ABShrikZprCQjQJo9xaMFNnCL5PPqvN%2Fc9saUE8IL%2F9Djw4qhBYNfeRcmShnQ6%2BcME5XNMrPOWfNQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383008228ff8-FRA
expires
Sat, 14 Jan 2023 22:59:33 GMT
2002139230_24252_1669596763.jpg
img.lrgarden.com/feed_pic_2/p600/94/27/
47 KB
48 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/94/27/2002139230_24252_1669596763.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58de19b9b52f611b37f9842712aba148a24854dd26c7851a88e34faf1be8d477
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2283839
cf-polished
origSize=50567, status=webp_bigger
content-length
48145
cf-bgj
imgq:100,h2pri
last-modified
Mon, 28 Nov 2022 00:52:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsU2bW30UjVxz%2BRxvSPxZcb1d%2F%2BlKdBOzvGkg3z4PhOkFb6u7p9qDaDZ%2BFUK%2BLrjA9rvrc7pGVyCJ%2FEWTgQeyNxjQ%2F5mIRA7%2BcHCEbiqtBj0k8vICZq9sB3SE6N2XMJXMQEjXetgeg6SDlaq8pI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383008238ff8-FRA
expires
Wed, 28 Dec 2022 00:58:59 GMT
2002139226_24252_1669253096.jpg
img.lrgarden.com/feed_pic_2/p600/90/40/
49 KB
50 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/90/40/2002139226_24252_1669253096.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf83d5332fc8390324289b81ac68ba11ac89ba21d51b58506b6ceb8af2d512c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25786
cf-polished
origSize=53297, status=webp_bigger
content-length
50370
cf-bgj
imgq:100,h2pri
last-modified
Thu, 24 Nov 2022 01:24:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9SqISQSEFSc9yNHun70kYlboBz1ELrMerF0XkKOsOmXNQ3mrsIGIVHE5u7UXvAx7cBwMKYE%2FZbYsnPtD4aJkBLCTnlHGccIeD48A58abMpIWtSXneTvQV4FnDSzx%2FgU4OvcEmkhIeTFkK9TIYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383008278ff8-FRA
expires
Mon, 23 Jan 2023 04:12:35 GMT
2002139225_24252_1668993768.jpg
img.lrgarden.com/feed_pic_2/p600/89/40/
51 KB
51 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/89/40/2002139225_24252_1668993768.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea06b223dd402e83dc8207f0c48b1b3ec7148c9f9e9d9956071cc1c7493b473
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279114
cf-polished
origSize=54895, status=webp_bigger
content-length
51945
cf-bgj
imgq:100,h2pri
last-modified
Mon, 21 Nov 2022 01:22:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BoxAnmHc72EaWBkeeViw%2BhGc0XlzQ5jkb1XuupCgwg%2F2%2FwQleEmOswc%2BuJ%2BtWkb9h%2BK1qH7gWUM%2FpTPcuK%2Be6bGKJnrMfH4Bf4GeQFRRosCGfFZEzfsHUTJkft4v1ELd2Zf5B2q6YJJ7hpRzM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018388ff8-FRA
expires
Fri, 20 Jan 2023 05:50:31 GMT
2002139220_24252_1668731410.jpg
img.lrgarden.com/feed_pic_2/p600/84/18/
17 KB
18 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/84/18/2002139220_24252_1668731410.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdbf7d69dcc7f90017540ace7c0760da7996850936385f0664eacecde7bd360f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
541996
cf-polished
origSize=18985, status=webp_bigger
content-length
17735
cf-bgj
imgq:100,h2pri
last-modified
Fri, 18 Nov 2022 00:30:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWHaLWNildaaYe3wq8qLVAyhxx1T83IScaNf0jbciW49EelwXBndqt3Dm0DvQUMtY0h%2FQULrce9PGoXb6Nr04x%2B2oQV%2FGfQp2ZOvSFSXhboDylXMNhn67qg6GdqK6cPRBzMyOZuT%2Ff3WIh0n4mM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830183b8ff8-FRA
expires
Tue, 17 Jan 2023 04:49:13 GMT
2002139215_24252_1668472265.jpg
img.lrgarden.com/feed_pic_2/p600/79/9/
33 KB
33 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/79/9/2002139215_24252_1668472265.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81491ddf5323b14471a6c51eb7f9a6cdaf353d38ad4433d350e31aa6c12c9a37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
796350
cf-polished
origSize=36200, status=webp_bigger
content-length
33839
cf-bgj
imgq:100,h2pri
last-modified
Tue, 15 Nov 2022 00:31:05 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCeRe8WPmPyDB8mUU8yhdXGp%2BlY8j3vmnTEfh9NJByL9Baup1TSxpwMuT4f2RLgZbjHCh2MMLgWwMuUmSIix1whnZExRSR3gcJxaH1keZbTSpKRrVBOJI9nNftO%2FMegKjlYc49US4PWnDtvszLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830183c8ff8-FRA
expires
Sat, 14 Jan 2023 06:10:04 GMT
2002139192_24252_1667522627.jpg
img.lrgarden.com/feed_pic_2/p600/56/3/
70 KB
70 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/56/3/2002139192_24252_1667522627.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d7a6cf0b575659dff91570f7871c63a95eecc59a08b710b8fc44bd85a7b4f5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1747924
cf-polished
origSize=75756, status=webp_bigger
content-length
71704
cf-bgj
imgq:100,h2pri
last-modified
Fri, 04 Nov 2022 00:43:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIobLityl5g6AXy4Zrk%2Bkg0d4BUpFz8LuMddODU6p21tyD4iuSXvxGzRj9NVRDSGF5O3WmmKQpufFxltyV8%2BzVTuJecZ9RBETbxoTt304zTZq1rc7leS%2FQCh4DIrHb%2F286Z82D%2Bo1iBO1kQDaag%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830183d8ff8-FRA
expires
Tue, 03 Jan 2023 05:50:45 GMT
2002139189_24252_1667277750.jpg
img.lrgarden.com/feed_pic_2/p600/53/54/
60 KB
60 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/53/54/2002139189_24252_1667277750.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
468907f51d74e48ecd47d52465f954c56b978fbaf1506566b997a6d87e793b9f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1435060
cf-polished
origSize=64510, status=webp_bigger
content-length
61139
cf-bgj
imgq:100,h2pri
last-modified
Tue, 01 Nov 2022 04:42:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BR7ToG62sEYneC7bxg%2FmLtNAYt2ffpQadu2IvqoJsWXcpiq6702UO%2BMg1U7usouAqErO7YDat4xOZkbn8fpttDKVQ8sg7fbcGp6kUnx%2FI%2BtHNuXLcGBogCan7tJ3iDeBBQlh5a96ahbz66wDOzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830183f8ff8-FRA
expires
Fri, 06 Jan 2023 20:45:05 GMT
2002139082_24252_1663922283.jpg
img.lrgarden.com/feed_pic_2/p600/202/43/
37 KB
38 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/202/43/2002139082_24252_1663922283.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ffeb07223d185f5aa0ea14081ee9c86d8a98b77ca6f2d82c207dcbda7dc6657
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1026533
cf-polished
origSize=40603, status=webp_bigger
content-length
37833
cf-bgj
imgq:100,h2pri
last-modified
Fri, 23 Sep 2022 08:38:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yn%2BBy2g5wbw3cZ2LwrBEN6r4WAwmj%2F%2BUKDtdjX%2B4gX%2BJDxgIPlt6obHMCeh0qg0danayezLYLFnxmfr9wf965%2FpKDUsk1rw%2FpsQLrs9UYW38MReQNSIjrCy4MK1eXZqQrTr%2FtBoXiIAoOT2xrX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018408ff8-FRA
expires
Wed, 11 Jan 2023 14:13:45 GMT
2002139075_24252_1663574116.jpg
img.lrgarden.com/feed_pic_2/p600/195/36/
59 KB
59 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/195/36/2002139075_24252_1663574116.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e242be2edd8eb6220661282d41f66a87ff90db36618a3f83911eb0c4777499bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
677644
cf-polished
origSize=63868, status=webp_bigger
content-length
60194
cf-bgj
imgq:100,h2pri
last-modified
Mon, 19 Sep 2022 07:55:16 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyilc%2FDi6rXQErjryt83OeV6RTyAd7yzIPGWBJcA8xOYdj6L1Z1yWsiZVSescuMjCSfQjOlqedmj61idWA7IvxevW8cu7417pFAoYU1RCyKiZgyS%2B5ieb6gy9j5pBi%2F38GALrfic%2Fr19ANomvek%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018418ff8-FRA
expires
Sun, 15 Jan 2023 15:08:28 GMT
2002139036_24252_1660715446.jpg
img.lrgarden.com/feed_pic_2/p600/156/54/
57 KB
57 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/156/54/2002139036_24252_1660715446.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82463ea172654963701647923a9556b3ac722c65f17d94877407553adbd94bc9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185998
cf-polished
origSize=60708, status=webp_bigger
content-length
58404
cf-bgj
imgq:100,h2pri
last-modified
Wed, 17 Aug 2022 05:50:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46RNerzl5uxVEne6bPdp%2FAIQoJ8GWUjvWkYo%2FMej2lenA9TsGOKQRqqdvkPVHHm7EJ%2FVEMRbVcDg5z7OTusbFQkd2b4EOkwOOZe1IMv4DSmZsct3DAT7as1S7qcpbYFbpXAqm%2B6QzaxGwDZORS0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018438ff8-FRA
expires
Sat, 21 Jan 2023 07:42:26 GMT
2002138939_24252_1658982854.jpg
img.lrgarden.com/feed_pic_2/p600/59/6/
77 KB
78 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/59/6/2002138939_24252_1658982854.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4198838093f8141f5365cda089d0f7a80b213db5df754b4c3a3760234fc8fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2396564
cf-polished
origSize=84187, status=webp_bigger
content-length
79307
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Jul 2022 04:34:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONy1agiLd8PTL9igCDKFPr4KqeO1brXgnk1jnspQ4hDIWsJ2%2BpBzWlrOMji7pCrFXj86obHZHaN4JKK49TchzABPvbenway1I9WqcBhgfhJyWVFmj9DyBNzAb9vDwqRXBU5KfSrelch9dRT28nk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018458ff8-FRA
expires
Mon, 26 Dec 2022 17:40:16 GMT
2002138938_24252_1658979110.jpg
img.lrgarden.com/feed_pic_2/p600/58/38/
19 KB
19 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/58/38/2002138938_24252_1658979110.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa4826b06f1505a9a4d31a723b1adb4c5189e0eb5cf5cd99be274afb1bfc6c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2518074
cf-polished
origSize=20529, status=webp_bigger
content-length
18974
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Jul 2022 03:31:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTiCN%2BrnCvXHIk1Jv6Rb%2FlGC2TG%2FezoluUifcgBxYvL8aaPxzH6F103vpMy5gp5GsJoAC3OgPpH8sG8Aneqww%2FiSa9ThYyybzV8GlwNpIK%2F43qXcRUoVfsfx4X6uFSPqkrapo0YT374cG3XyBXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018468ff8-FRA
expires
Sun, 25 Dec 2022 07:55:09 GMT
2002138937_24252_1658978527.jpg
img.lrgarden.com/feed_pic_2/p600/57/31/
30 KB
31 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/57/31/2002138937_24252_1658978527.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d2e3f0f8f846d781a15b9a95828e0d503ea231c0b7f65d883e6d6d16b8c1d4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
735780
cf-polished
origSize=33496, status=webp_bigger
content-length
31207
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Jul 2022 03:22:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FribUgi%2Bmo4su0N6B9q0llvQCXckUBjjkavvaOfJ4IsWB0iSF7dfN7fyVDPbUcDKPKmvvoQTkl119HE91GCccO4bSq64uAii5Bltbm%2FzdflpqmKwsuWioy2kpzCjX1%2BhrdXamYl6vHQ6U9aMKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018478ff8-FRA
expires
Sat, 14 Jan 2023 22:59:33 GMT
2002139209_24252_1668125093.jpg
img.lrgarden.com/feed_pic_2/p600/73/37/
39 KB
39 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/73/37/2002139209_24252_1668125093.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a77912e8fe1229d50aaa6a59e935ebd933084e3a9169c2cc250b400fc41427d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1151791
cf-polished
origSize=41939, status=webp_bigger
content-length
39544
cf-bgj
imgq:100,h2pri
last-modified
Fri, 11 Nov 2022 00:04:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15IvUAlylHiFuFH1Tx6%2F3Iwba0CVOxTsCd2dqzFsWsagZdoMhH658Bu5uF3jKB3tSZByHiE1KwbkqSVAGuYa3dw6x7Hw5suTcpoRrzYX7trgyZfCJOevnfgDwRdrVFZ6LJo7FfjRc0A48fsk7lw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018498ff8-FRA
expires
Tue, 10 Jan 2023 03:26:09 GMT
2002139194_24252_1667782230.jpg
img.lrgarden.com/feed_pic_2/p600/58/22/
48 KB
48 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/58/22/2002139194_24252_1667782230.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a0cbf8ef2220ce5f03b50666488811c3b118a7b29ef1b06ee28f563cd029b38
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1475719
cf-polished
origSize=51386, status=webp_bigger
content-length
48868
cf-bgj
imgq:100,h2pri
last-modified
Mon, 07 Nov 2022 00:50:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3vmJOD4GXQ1Jg9bGCjIbGc8gE0VRuPykHhdlNIBiB0Mb8%2Fhk3FXZnAzB0PrWR51sj6nuT33Ysf9SJQ3NI5CCBYBQ0WkbLzNgLBohl6hvoV%2BvLFiBCmiKOkOviF2oPvGrHPLA7CziWL6U8SyWFU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830184b8ff8-FRA
expires
Fri, 06 Jan 2023 09:27:26 GMT
2002139181_24252_1666655861.jpg
img.lrgarden.com/feed_pic_2/p600/45/53/
21 KB
22 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/45/53/2002139181_24252_1666655861.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3439c58be3e221294edeade9aa3f18982d1aecdeaca41576ccd5e9c51f8d616
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10764
cf-polished
origSize=24996, status=webp_bigger
content-length
22000
cf-bgj
imgq:100,h2pri
last-modified
Mon, 24 Oct 2022 23:57:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVek7oaftH8rBt%2Fo%2FO7FpP%2FKc%2FjQhjr7PjhgG0xU09C4W5Slu7TuGIEGCL%2Fj42H7iXkm0F5vjljdGtGg9cD5s53VUXm4soXJeyZIFVMOnVfFvAiWyX%2BcaNZmJOlbhFysknLhkHwU1sCJLC8UJrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830184c8ff8-FRA
expires
Mon, 23 Jan 2023 08:22:58 GMT
2002139155_24252_1665970758.jpg
img.lrgarden.com/feed_pic_2/p600/19/6/
50 KB
50 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/19/6/2002139155_24252_1665970758.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fe4261bb70be8a59c1f208863c34bb29082f78ab96f81bb7696ee2c72b7954
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1993648
cf-polished
origSize=54464, status=webp_bigger
content-length
51093
cf-bgj
imgq:100,h2pri
last-modified
Mon, 17 Oct 2022 01:39:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hw7CERUGQrJvkzp7orcfXgCk7%2FSE9Gd%2Fpp2x92iUru71HfZMtf54EV3EzI5scvwM8JwCamELaBqxnQdDd6WLHJxFbS9OXRX77xVADhhyN6JqOWVSusYfApCX6%2Bdz6wrWYkmRwlj0ESY%2B%2FGNXV0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830184d8ff8-FRA
expires
Sat, 31 Dec 2022 09:35:26 GMT
2002139092_24252_1664438576.jpg
img.lrgarden.com/feed_pic_2/p600/212/48/
42 KB
42 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/212/48/2002139092_24252_1664438576.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4acff4ef8d3ab6468f4ea7a30988d5a3c06a2947c7de7cb1f366f3a2c167522
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1901222
cf-polished
origSize=44610, status=webp_bigger
content-length
42610
cf-bgj
imgq:100,h2pri
last-modified
Thu, 29 Sep 2022 08:02:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAG1%2FYHN5Dczh5ghGoDaF7p2bNnB0sxICtd%2F1awZsnAN4YeF1QmH7C3Ntk23UY2EV8LSfNDXOrC05N2Vw%2BPXmzsJnWk17BUAbTdrvmt5pgXfrKDp1vMv8AIF0NZlOyslP6OsOrakKy3QBlV9dv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830184f8ff8-FRA
expires
Sun, 01 Jan 2023 11:15:50 GMT
2002139073_24252_1663205809.jpg
img.lrgarden.com/feed_pic_2/p600/193/49/
35 KB
36 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/193/49/2002139073_24252_1663205809.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3204c081baa8c5037a27a2f1b82517e726f1d64923a3498b1799363fd8dbe72a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1262849
cf-polished
origSize=38018, status=webp_bigger
content-length
36120
cf-bgj
imgq:100,h2pri
last-modified
Thu, 15 Sep 2022 01:36:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgCyvS%2BAModh%2FT%2FR1RNZYVuoUX3Ww%2FHW%2BVcRqYh3cg4ohLEdoqO8x2P0V4DLvByiRlGgwJH%2B%2FNJ6YTNK0C%2FXeeTa%2F5vJXWxAFnS7BPvZytMUeH7YtiniBkNekO%2BLFqgQ0k1xItuBWMUf0YMdHKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018518ff8-FRA
expires
Sun, 08 Jan 2023 20:35:12 GMT
2002139070_24252_1663031099.jpg
img.lrgarden.com/feed_pic_2/p600/190/59/
12 KB
13 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/190/59/2002139070_24252_1663031099.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a43c7dbe1ba1ff9d4698bc3fe9e894c59075c0a4dc27ba86522095180fcf5407
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2396564
cf-polished
origSize=14283, status=webp_bigger
content-length
12315
cf-bgj
imgq:100,h2pri
last-modified
Tue, 13 Sep 2022 01:04:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W22K0kVyCxJSrJrarFVrEzQZMPPTWaejhNEevYTNZVS8w9xjzNTcT4jYx6elj2I8lNEM15wPRhSbIcqF4fVMDu8RHdGtJuUO17PEayEQjkwRC2nHkL3CGoy0en%2BPKjxwrhwm1PQ1C3paFV9AYY8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018528ff8-FRA
expires
Mon, 26 Dec 2022 17:40:16 GMT
2002139068_24252_1662617774.jpg
img.lrgarden.com/feed_pic_2/p600/188/46/
22 KB
23 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/188/46/2002139068_24252_1662617774.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc6d8640aabd007b143ea654320b064a6fdeb8ed69808a626d1245a7aa6aeec7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1459196
cf-polished
origSize=24518, status=webp_bigger
content-length
22962
cf-bgj
imgq:100,h2pri
last-modified
Thu, 08 Sep 2022 06:16:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL9PleU3hOExe5PlbREBDUAhU0GONBizNhr7i%2ByyKVaLKYZ3%2BIW9njsaLVVju1ioiNUE%2FxO3mGNGGUqLkLxqznW1HbH2xoLCbtTfnX4gOewMWghAyqZAzQaDg32cOPwtw0Hu9r8OA7dbqLPN9PY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018538ff8-FRA
expires
Fri, 06 Jan 2023 14:02:49 GMT
2002139048_24252_1662520404.jpg
img.lrgarden.com/feed_pic_2/p600/168/20/
29 KB
30 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/168/20/2002139048_24252_1662520404.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08e765e11da22d3768a7d2d19d5dccbe2072f3d79ee41bab4bd521601bbfa0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185996
cf-polished
origSize=32072, status=webp_bigger
content-length
29951
cf-bgj
imgq:100,h2pri
last-modified
Wed, 07 Sep 2022 03:13:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TN0QQm9wNwmZkqLfas1SqRuQe8mxfqTdjamhPxUbzhgA95ZM%2BbQI95wiKtEncGz%2BaX4cwWgrEm7LupwVQD1bb%2Ff3JiMTFmmSu9XoV413zZZsyPzIGks%2BMblUf1XBkceOpV9FAetUQVPVUWbDVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018548ff8-FRA
expires
Sat, 21 Jan 2023 07:42:29 GMT
2002138948_24252_1660006290.jpg
img.lrgarden.com/feed_pic_2/p600/68/18/
30 KB
30 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/68/18/2002138948_24252_1660006290.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dd59e2bd6e6dc473d4e0df661276c855fa19e965241e999efa903c96581d161
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1026533
cf-polished
origSize=32018, status=webp_bigger
content-length
30608
cf-bgj
imgq:100,h2pri
last-modified
Tue, 09 Aug 2022 00:51:30 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSosmN3cl%2FsjYtSh%2Fjz74TqKG9d6Lv8kfff7ghnGk7weDR5UFVhHNcmK1LAGyBDDSUzLSCZdBjnmwCB64r9bnSvmq7D7B6p1hatpJykO7vqdWdLyWx7JTPygeoUC4LjsSJgw6n%2BSuSOJzFo6h%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018568ff8-FRA
expires
Wed, 11 Jan 2023 14:13:45 GMT
2002139188_24252_1666926636.jpg
img.lrgarden.com/feed_pic_2/p600/52/44/
32 KB
32 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/52/44/2002139188_24252_1666926636.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf48600ea5d1427fe7bd10d9234731c3f36265f044a9c29ef2ad8f69efbd8b87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
191362
cf-polished
origSize=34203, status=webp_bigger
content-length
32471
cf-bgj
imgq:100,h2pri
last-modified
Fri, 28 Oct 2022 03:10:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BYOA8qgnKDqcR9ezLIX%2F1q5syNM8Fv1m70C1VCFKjaV1YvQfiEQr%2FO3YhQT%2F4Oej%2FoOlnF2zef3YBcXt%2BXIE2vgKXuiCTycvzhAAPVDG3XCvW6Ib7Uij6JaCpxu%2BSM8TZMY8g%2BYqjYX8w07d6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e9383018578ff8-FRA
expires
Sat, 21 Jan 2023 06:13:02 GMT
2002139169_24252_1666232423.jpg
img.lrgarden.com/feed_pic_2/p600/33/39/
43 KB
43 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/33/39/2002139169_24252_1666232423.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b391c9b20be2ae5c5386431f8a021c80d8b0eee8048f02b71c06c033fe92f076
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185995
cf-polished
origSize=47197, status=webp_bigger
content-length
43892
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Oct 2022 02:20:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwV3fkZJKheJl48lRMF%2FYJ%2Bm6GKKpOlJxxv0%2BW8XxeZaRv4t04mnsi%2FWEOBICITw5JvLZ2yPscvqhX1Tx4vPWGo8WKR9XE7I0ubsgubeU6Ney08Ar6bYacimwnA2usWAPmmSQrNLnKrhg1bbTuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830185a8ff8-FRA
expires
Sat, 21 Jan 2023 07:42:29 GMT
2002139157_24252_1666066845.jpg
img.lrgarden.com/feed_pic_2/p600/21/29/
37 KB
38 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/21/29/2002139157_24252_1666066845.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535ab67187aba8c401c2506c6aa002e66387bad5efc8839e55bb5466e4107a41
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
185995
cf-polished
origSize=40501, status=webp_bigger
content-length
38335
cf-bgj
imgq:100,h2pri
last-modified
Tue, 18 Oct 2022 04:20:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXheGYHYNtpj4r7D7y%2BiEc3cNbGtxkGTUpdLg26%2FY1F5aeeHbRlI5EZVk23H8Cm3KJn9PWKK4A5dIMa4I1wELJvjHrMGBaNpz%2FQd%2FWluXmAq0OqFnhTbvPyY7FwfaHR%2BMatsfX8XqGQkP4cZSTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830185c8ff8-FRA
expires
Sat, 21 Jan 2023 07:42:29 GMT
2002139131_24252_1665541449.jpg
img.lrgarden.com/feed_pic_2/p600/251/9/
44 KB
45 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/251/9/2002139131_24252_1665541449.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07093f511458f36f0c0d3422c628cdfb0a6edf449762bf4993b7f9b4c4d60dab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1151791
cf-polished
origSize=48044, status=webp_bigger
content-length
45377
cf-bgj
imgq:100,h2pri
last-modified
Wed, 12 Oct 2022 02:24:09 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cd2CqQkytN8EAYOkr1TJYAf7a%2F1caaMnlyJUodKstHAUk1CWpuLRzLfv540JvTK5xnHH13OW1yEY8nuXDWl%2Fjigq1iVG0GfMF6lcNpXMs3Y%2FYdbiufvh8fZku%2Bkpy4cWeode0JVuLbrW%2FkZbHLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830185d8ff8-FRA
expires
Tue, 10 Jan 2023 03:26:09 GMT
2002139091_24252_1664437990.jpg
img.lrgarden.com/feed_pic_2/p600/211/38/
21 KB
22 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/211/38/2002139091_24252_1664437990.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3361a64b56f7a5ef3750a563afb7f4412ccd33d1dc6b0e422e5c7b81ff36980
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2015654
cf-polished
origSize=23740, status=webp_bigger
content-length
21824
cf-bgj
imgq:100,h2pri
last-modified
Thu, 29 Sep 2022 07:53:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTnytNlbQN1srykSBLNZ6WhRRSAJ18DNFJW6x1RnqPcHg1I754ddwSg6zu0FIXnIdaMc46lkzILUG%2BMpdmjWaP01n3Q2ZTmFgOC%2F1r9kVTuh2by8h5oMdoz4tnTIhSyBx6DTvRRfIvZJUMtBQgY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830185e8ff8-FRA
expires
Sat, 31 Dec 2022 03:28:40 GMT
2002139089_24252_1664344008.jpg
img.lrgarden.com/feed_pic_2/p600/209/8/
22 KB
22 KB
Image
General
Full URL
https://img.lrgarden.com/feed_pic_2/p600/209/8/2002139089_24252_1664344008.jpg?101
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00548bfe15c85611f90330ee6cfa24cbed01f42e241a63bb26a4f353e3d2352
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
223263
cf-polished
origSize=23666, status=webp_bigger
content-length
22186
cf-bgj
imgq:100,h2pri
last-modified
Wed, 28 Sep 2022 05:46:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJW0iisJe15qPt35svmusxJN%2Bx7%2FvhvdBNC58Q6sGANu5z%2FfTugZG65Klmh0XSzy1sFXLVLeZmTosvF%2FHxhBmVxQKzi8%2Bs%2B1AQX3zMJi9g3ChhLneDF%2FpyFtV5%2Fq3ZIFS0DWGGLQWFvgtdLDZ0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
77e93830185f8ff8-FRA
expires
Fri, 20 Jan 2023 21:21:22 GMT
index.js
www.yyzzbaby.com/files/dist/js/yyzz/
3 KB
1 KB
Script
General
Full URL
https://www.yyzzbaby.com/files/dist/js/yyzz/index.js?v=65
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da92138feec7e4c98ea16945ee8ab227a04cd3aa0a38fcb1a990777b638e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 08 Aug 2022 03:21:59 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sp2q%2BDpb%2F11v0U1pKcsKNjpRdkDqWoQq7KU%2FvE5ieAMTUmMTdc58muWBI5xByduTcB7rZvytPCbO46FL5JKQRKVzZOSBaYXbxTyqdJX4bnhppfFV8ct15znWE4aRovkQLsTI0KhC5CsSh9MGd%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
77e9382fabea9a15-FRA
expires
Sat, 24 Dec 2022 13:07:56 GMT
yyzzbaby.js
www.yyzzbaby.com/files/js/
225 B
476 B
Script
General
Full URL
https://www.yyzzbaby.com/files/js/yyzzbaby.js
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b777bbcda5eaa3b5622eca18b80cdd90e68e031fc7dd9837f4feb0088ddf72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 22 Sep 2022 22:43:44 GMT
server
cloudflare
age
345
cf-polished
origSize=259
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwyAkD9V0uQ1jNuQLeJAA98kTzMCLcNIDhIyL7FE6flLhx1II5Suh4F3A8OeI1QsIlNqyWutOUeFEEH9FaluOSjLcYy4%2FrHJ7me5zCYuo022Kl%2FUB1wWDDi87ZtmsuaBJlcp4vGcKZhUpD5Z4uI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=14400
cf-ray
77e9382fbbfb9a15-FRA
expires
Sat, 24 Dec 2022 13:02:11 GMT
protocalCookie.js
www.yyzzbaby.com/files/js/yyzz/
4 KB
2 KB
Script
General
Full URL
https://www.yyzzbaby.com/files/js/yyzz/protocalCookie.js
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b335c5a59830f8cbb2f0e8dd6efa924d8021692eae705ae849149e71557ed44f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 22 Aug 2022 10:25:04 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4687
etag
W/"63035980-124f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43lWZuVHAYODG1ViEcnNTafQQ16JNRJHvG%2F2dW1mM4A7jW16BAU3YKckAbkmGCf%2FH6Fi%2BpjMcgA2nsaG9qNdlZ0LcbqjfNU86itiY%2Fvsb8E21ACUEY3vooX9d4y2izDQpdZJvoX8So6XGZ5B8OA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e9382fcc369a15-FRA
expires
Sat, 24 Dec 2022 13:07:56 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/1006845/8989/
0
0
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/1006845/8989/pwt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/ats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

vdo.ai.js
a.vdo.ai/core/v-yyzzbaby/
32 KB
6 KB
Script
General
Full URL
https://a.vdo.ai/core/v-yyzzbaby/vdo.ai.js
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
776f17cd31d68310982a0a8fbbf0c1699ee98edeea10428b7fa9a26fe954d208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
vdo-server
Tag2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Dec 2022 12:05:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WHV5KOZ2pS6k9mq%2BUHOYqz71aNgPzk2kNCnpGy0dSs7AtJqhIwnbM8%2FuJc6cFaqDMvsg6YTTcKoR4FFigTzKllEczXu4lgq8DyD%2BjMBehoUclPp5uBf0xkju4FcE0IQD4N0K8F4kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
24666762 22094017
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=1800
cf-ray
77e938301e282c02-FRA
proximanova-semibold-webfont.woff2
www.yyzzbaby.com/files/fonts/yyzz/
20 KB
21 KB
Font
General
Full URL
https://www.yyzzbaby.com/files/fonts/yyzz/proximanova-semibold-webfont.woff2
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ec2b29096b119e0d33066f109b86bd25438f02717af7003af528941f932b8b2

Request headers

Referer
https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Origin
https://www.yyzzbaby.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Jul 2022 03:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVqqKYPHJA5MUAy4s8ks4g%2BTw1Z7lR9Td6NzSRe%2FsWJyRMvOGhwd2WJVcmrA%2F0uHXwMhaTNpmxJ7mUDIbBXUFop8FTQF%2FVZjYqs6PlOjSUWIsyoDYK2iD4QwD3cvEg6%2BFXTbYdVDkLcU%2F5Eo%2BHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77e9382fcc389a15-FRA
content-length
20648
poynterosdisplay-semibold-webfont.woff2
www.yyzzbaby.com/files/fonts/yyzz/
25 KB
25 KB
Font
General
Full URL
https://www.yyzzbaby.com/files/fonts/yyzz/poynterosdisplay-semibold-webfont.woff2
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9924d42491609faed097bf67ef5d7f62638831061c17d69097a91c4c60088a3

Request headers

Referer
https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Origin
https://www.yyzzbaby.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Jul 2022 03:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e35603-63f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5GTO0me44iuRU28gMUw5jgUDyXZcpU4izfVtu6p%2F%2FaeiLTe3Np0%2BL239NvQO%2BC2IGIsyXc%2BdtZB7GXw%2F%2BfLBWkmw8KiNdiM0y82Gp6uHwEtkrIKQCvn%2FZfHuTRt6fTtXJF9%2BhkXCGdka8uSG9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77e9382fcc399a15-FRA
content-length
25584
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?717591447bd95ee9eb6b80570e688fc0
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/files/js/yyzzbaby.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
374b556b4b1a745a1694a0cb9aae4ce31bf10508f2af944173af7339a47ebcd9
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:56 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
18de14b407220393e198d1cd338255e1
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11260
poynterosdisplay-roman-webfont.woff2
www.yyzzbaby.com/files/fonts/yyzz/
24 KB
24 KB
Font
General
Full URL
https://www.yyzzbaby.com/files/fonts/yyzz/poynterosdisplay-roman-webfont.woff2
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f3a1784f038e4babee51af87e5a377668820cac09f9c994a8c96be1023796f1

Request headers

Referer
https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Origin
https://www.yyzzbaby.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Jul 2022 03:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZKWNaX60UZfWQ%2FmvV932Mw4a8gAy3vW%2BhX2T4eay4vu06CMjIJ95Kcb9Q2FXR0EwJ%2FJ%2Bjf316ASDisPgTPCVKXbxw%2BxeJXsMMVA513yk39T9jj%2Fa8FGtxpatiUDm54vLPVRdmqBgqrIk06iSKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77e9382ffc729a15-FRA
content-length
24512
proximanova-regular-webfont.woff2
www.yyzzbaby.com/files/fonts/yyzz/
20 KB
20 KB
Font
General
Full URL
https://www.yyzzbaby.com/files/fonts/yyzz/proximanova-regular-webfont.woff2
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:854 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6319442692dd4fc73547a3c23c0cf533ccffff8e14f9a6743bb3ebddb499313

Request headers

Referer
https://www.yyzzbaby.com/files/dist/css/yyzz/index.css?v=65
Origin
https://www.yyzzbaby.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Jul 2022 03:37:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asiYEjcZx3KbCUc631xwD2CSsmOOQTgaadGSCZ4N1qDDaNamhPmwBya4XdgNSb6f%2B%2BdWhYhTHcpD4T%2BW4JWdXBI7EG7GM8CY%2BZ7cPARod9WlhSXcx%2BL%2ByYgI3a9NZ8m%2Fz2hmpRbMJ4ZvITwDzrE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77e9382ffc739a15-FRA
content-length
20556
truncated
/
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113932176-41
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-yyzzbaby/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e7a4a5ee8eefebadc1a32ddb66d5fa6a97e3b92eb533ff172172f7ca5d9b195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43576
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Dec 2022 12:07:56 GMT
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-yyzzbaby/vdo.ai.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:56 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
allowed_url.php
targeting.vdo.ai/
19 KB
3 KB
XHR
General
Full URL
https://targeting.vdo.ai/allowed_url.php?type=json&url=yyzzbaby.com&tag=v-yyzzbaby&domain=yyzzbaby.com
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-yyzzbaby/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45c3eba87d7d61a1e69f064b5534eb02b11db75408ad95b070ad55b3378cdca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OBKMPommE4yXGW4o4gza3oNDXEWwbccmKcRmWr6ryp2PU5O4vUTTqCU%2FpBu0kTEnq2Ob5uJmcLeW5yU658UCwWx3CD%2BidUqe848%2F2Obk9BkmT%2BQrj69igKQ7af02bqdLQre9qh781G9eDqi7T1sI"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json
cf-ray
77e938318dc290ac-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-yyzzbaby/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27666
x-xss-protection
0
server
sffe
etag
"1430 / 455 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 12:07:56 GMT
vdo.min.js
a.vdo.ai/core/dependencies_hbv4_latest/
409 KB
127 KB
Script
General
Full URL
https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-yyzzbaby/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6d697fe302923a307416328b42656c9fee161661cd6ea5fbc8a5d34a13e022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 22 Dec 2022 08:33:49 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdJrV1KQLpElAoAli3%2FYMguk1zJwdNGIQNcO1kr3SB5nU%2FyiREX8xjepq%2B%2Fs2OV%2BpzMxlaLvtIzsevvel%2F0z7TzUP0gciGsUaGJAZO6EcI7pp0a3pE6vWS63bN85FOCMzxZ0X9zzgw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-varnish
26511317 30
cf-ray
77e93831b9652c02-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ima3.js
imasdk.googleapis.com/js/sdkloader/
372 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-yyzzbaby/vdo.ai.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:07:56 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 10:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6036
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 24 Dec 2022 12:27:20 GMT
prebid_2022_12_16_11_20_4.js
anymind360.com/js/7735/
347 KB
106 KB
Script
General
Full URL
https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7f7e482b3ff63b1236b09e88dcca137dda8be0173960109c3ce96ebc19794e18
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 16 Dec 2022 11:20:25 GMT
date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
607646
x-guploader-uploadid
ADPycduHpWdlOvriJTJubZQRZE_Vya_dzidhFCVYzPMUNGH0MGDWdTm4jlYoq7U1YEScv_Id9JGZntnZsDIPaue0L8XHDoE_SsZo
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
107585
x-served-by
cache-tyo11978-TYO, cache-hhn-etou8220082-HHN
last-modified
Fri, 16 Dec 2022 11:20:24 GMT
server
UploadServer
x-timer
S1671883677.632061,VS0,VE1
etag
"5eea37fc0a1d5e8f1f7d87dba7ad53de"
vary
Accept-Encoding
x-goog-generation
1671189624140292
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=og1vyg==, md5=Xuo3/AodXo8ffYfbp61T3g==
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
107585
accept-ranges
bytes
x-cache-hits
29, 1
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab1b0a057d2bd20012562459bc3bad3b1ca065f4a566cf988fa180ef5f78513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29221
x-jsd-version
1.0.1565
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-ZZBiAq4leosWkAmBbT+TGz5SwcE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYoqz5qIQ18Ysb3aIaZiCOEeCKTgL7guuiAApUbvxrRnJW0MjfOuxorm%2Fo9U27JCwEevqtD8IJeLOLZh9sRaP3KA3tQ4iF37R3jaJzNTY9%2FA7F9MbcMWVLMOGj8fAamO0ea6lgdRXKtjqwdxzmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77e9383348a99036-FRA
prebid
ib.adnxs.com/ut/v3/
53 B
864 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:56 GMT
AN-X-Request-Uuid
798ee87e-bece-4259-bbfc-ad05b024445c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.yyzzbaby.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
d.vidoomy.com/api/rtbserver/prebid/
0
213 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=45049&adtype=banner&auc=ats-insert_ads-0&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=88a303dceb3aef&schain=%5Bobject%20Object%5D&bidfloor=0&d=yyzzbaby.com&sp=https%253A%252F%252Fwww.yyzzbaby.com%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.93.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-93-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yyzzbaby.com
date
Sat, 24 Dec 2022 12:07:56 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/
0
214 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=45050&adtype=banner&auc=ats-insert_ads-1&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=994488549e1ae&schain=%5Bobject%20Object%5D&bidfloor=0&d=yyzzbaby.com&sp=https%253A%252F%252Fwww.yyzzbaby.com%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.93.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-93-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yyzzbaby.com
date
Sat, 24 Dec 2022 12:07:56 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/
0
213 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=45051&adtype=banner&auc=ats-insert_ads-2&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=10780b40cce7eea&schain=%5Bobject%20Object%5D&bidfloor=0&d=yyzzbaby.com&sp=https%253A%252F%252Fwww.yyzzbaby.com%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.93.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-93-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yyzzbaby.com
date
Sat, 24 Dec 2022 12:07:56 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
/
d.vidoomy.com/api/rtbserver/prebid/
0
213 B
XHR
General
Full URL
https://d.vidoomy.com/api/rtbserver/prebid/?id=45052&adtype=banner&auc=ats-insert_ads-3&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&l=en&dt=1&pid=62196&requestId=114f259546cc4df&schain=%5Bobject%20Object%5D&bidfloor=0&d=yyzzbaby.com&sp=https%253A%252F%252Fwww.yyzzbaby.com%252F&usp=&coppa=false&videoContext=
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.93.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-93-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yyzzbaby.com
date
Sat, 24 Dec 2022 12:07:56 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
auction
tlx.3lift.com/header/
19 B
573 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.yyzzbaby.com%2F&tmax=2000
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.97.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-97-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
accept-ch
sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
x-auction-status
12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/
16 B
392 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.245.32 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-245-32.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 24 Dec 2022 12:07:56 GMT
prebid
prebid.media.net/rtb/
1 KB
1 KB
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU3VM41V
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb7ef06a5ab20566b7c26ba27665d2269a3da7bfc37373b39a8c623cf856a78d

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 24 Dec 2022 12:07:56 GMT
cdb
bidder.criteo.com/
0
218 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=21515706694
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.yyzzbaby.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
translator
hbopenbid.pubmatic.com/
0
118 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yyzzbaby.com
date
Sat, 24 Dec 2022 12:07:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/
0
338 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.227 , France, ASN16276 (OVH, FR),
Reverse DNS
ip227.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
prebid.ad.smaato.net/oapi/
0
328 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.229.195.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-195-56.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://www.yyzzbaby.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
e7d57958-c2b1-2438-5952-b08b43a61fc1
prebid
prebid.ad.smaato.net/oapi/
0
329 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.229.195.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-195-56.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://www.yyzzbaby.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
65070682-6913-8358-079a-993026ab03d2
prebid
prebid.ad.smaato.net/oapi/
0
328 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.229.195.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-195-56.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://www.yyzzbaby.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
67babe71-6b53-3c95-31e2-3f6c5fa82f02
prebid
prebid.ad.smaato.net/oapi/
0
328 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.229.195.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-195-56.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://www.yyzzbaby.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
1eeac320-05ef-cebd-5b1b-83f6518146eb
prebid
prebid.ad.smaato.net/oapi/
0
328 B
XHR
General
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.229.195.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-195-56.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
server
SOMA
x-smt-message
GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin
https://www.yyzzbaby.com
access-control-expose-headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials
true
content-length
0
x-smt-sessionid
412fe7b9-5fb5-3b98-a459-4229e3b83c56
fastlane.json
fastlane.rubiconproject.com/a/api/
729 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=451002&zone_id=2630406%3B2630408%3B2630424%3B2630428%3B2680812&size_id=2&alt_size_ids=55%2C221%3B55%3B55%3B55%3B55&rp_schain=1.0,1!anymanager.io,7735,1,,,&rf=https%3A%2F%2Fwww.yyzzbaby.com%2F&tg_i.pbadslot=ats-insert_ads-0%3Bats-insert_ads-1%3Bats-insert_ads-2%3Bats-insert_ads-3%3Bats-overlay_bottom-6&tk_flint=pbjs_lite_v6.29.3&x_source.tid=40c8ed29-e6a2-4db9-8fd9-edeb93461d48%3Bece0790b-0498-41d8-a9a2-e513d61524cf%3Bf3ce83b9-0d7c-4c38-8ec8-3b8a17b4ea58%3B2b01b6dd-4ed1-42b2-b904-75b1e60263e6%3B76db5cf0-105e-49d6-90a6-dc30c27b577f&l_pb_bid_id=54f40d0a51ea09%3B557e676998da91f%3B562aa03f4194334%3B575dd5061224f54%3B5821c33ead6c78a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=5&rand=0.6400266536792585
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fe201906829d5ca22866adc52b47082c334f7d2fcae6348645714d45645fa7ce

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.yyzzbaby.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:56 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
vdo.player.js
a.vdo.ai/core/assets/
651 KB
180 KB
Script
General
Full URL
https://a.vdo.ai/core/assets/vdo.player.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f32b0e530a8ede0753fb1b2a54dba3f8e03edc3dfc1f5f6cbabd9d018c415f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 15:03:31 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gwp04662TnqRofg17ibvNmVaFqBgshDb%2FjPyocyKJOoEWdFCrcD6TASMVRTzMnaeXo4f7PZoaZrL8WTu8JBpyTuB%2FokG09BUyAHfxvef5zJzWSyAg%2B3DytRBpe6rYkYZ7N16xMTxoA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-varnish
26121768 229379
cf-ray
77e93833bd2e90c6-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
rtb_v6.24.1.js
a.vdo.ai/core/assets/
468 KB
130 KB
Script
General
Full URL
https://a.vdo.ai/core/assets/rtb_v6.24.1.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f598127eaff64f97312f924cba7129e164c56b2895371ce39d9db5cecf2b743b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 29 Nov 2022 11:45:25 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlQwqOa8VX%2BKJSrvjGzEgk4LsvqGhbnAKAcyhAOFw8G7Gd54dgS3RR2k6fqfdN9ZmW%2FZRMfE06xv5%2Blrr4PKtMpIEpZScJi%2FUt1wAEr74eRxZWOcBvmY%2Fz%2FoZM5NJ3778%2BQIyRJg5A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-varnish
25708859 262147
cf-ray
77e93833bd3290c6-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
pubads_impl_2022120601.js
securepubads.g.doubleclick.net/gpt/
381 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 12:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345625
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132161
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 09:39:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Dec 2023 12:07:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
315 B
152 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.yyzzbaby.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b50cdb72502d6a6ac4475b1147d4ba2bfdb4e375114fa31245ab1929691d90ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:07:56 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=358926428&t=event&_s=1&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=v-yyzzbaby&_u=YEDAAUABCAAAACAAI~&jid=1715781282&gjid=272273350&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&_r=1&gtm=2oubu0&z=1066738917
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=timing&_s=2&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_allowed_url.php&utl=v-yyzzbaby&utt=55&_u=YEDAAUABCAAAACAAI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1393199119
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=timing&_s=3&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.min.js&utl=v-yyzzbaby&utt=88&_u=YEDAAUABCAAAACAAI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=964869440
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=timing&_s=4&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_ima3.js&utl=v-yyzzbaby&utt=286&_u=YEDAAUABCAAAACAAI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1282531605
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=pageview&_s=5&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABCAAAACAAI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1508549269
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=6&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=v-yyzzbaby&_u=YEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1140785639
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33901
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.yyzzbaby.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yyzzbaby.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
112 KB
41 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455065715707127&correlator=2561366522263018&eid=31070872%2C31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=26001828%3A22773855754%2Cz1_dfp_ron_display_companion_b_pre&enc_prev_ius=%2F0%2F1&prev_iu_szs=234x60%7C300x50%7C300x60%7C300x75%7C320x50%7C400x20%7C450x50%7C468x60%7C728x90%7C320x100%7C300x100%7C970x90&ifi=1&adks=847536670&didk=1850812150&sfv=1-0-40&prev_scp=site%3Dyyzzbaby.com&eri=5&cust_params=url%3D%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1671883677069&dlt=1671883676061&idt=978&adxs=120&adys=345&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yyzzbaby.com%2F&frm=20&vis=1&psz=1360x234&msz=1360x0&fws=0&ohw=0&ga_vid=285876916.1671883677&ga_sid=1671883677&ga_hid=358926428&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
217bf8dfd4bc7f055e294046da98d137fcf0651b36e1b6e88469080b186b8876
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvRuYWckvwCFaEb4AodnT0Gtw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvRuYWckvwCFaEb4AodnT0Gtw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
date
Sat, 24 Dec 2022 12:07:57 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42197
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EC8
6 KB
3 KB
Document
General
Full URL
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:57 GMT
expires
Sun, 24 Dec 2023 12:07:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
40 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455065715707127&correlator=1889913127272053&eid=31070872%2C31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=21622890900%3A22823849970%2CSG_yyzzbaby.com_res_article_mid4_300x250%2C336x280%2C970x90%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C970x90&ifi=2&adks=805028667&didk=2825456941&sfv=1-0-40&eri=5&cust_params=url%3D%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1671883677235&dlt=1671883676061&idt=978&adxs=120&adys=6176&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yyzzbaby.com%2F&frm=20&vis=1&psz=1360x0&msz=728x0&fws=128&ohw=0&ga_vid=285876916.1671883677&ga_sid=1671883677&ga_hid=358926428&ga_fc=true&cbidsp=CuMBCAESDgoIYXBwbmV4dXMQXiACEg4KB3ZpZG9vbXkQhAEgAhIQCgp0cmlwbGVsaWZ0EGkgAhIPCghtZWRpYW5ldBCLAiACEg0KBmNyaXRlbxCZBCACEg8KCHB1Ym1hdGljEIYBIAISFAoNc21hcnRhZHNlcnZlchCpASACEhQKDXNtYXJ0YWRzZXJ2ZXIQqQEgAhINCgZzbWFhdG8QgAEgAhIOCgdydWJpY29uEIUCIAIYAiIkZjNjZTgzYjktMGQ3Yy00YzM4LThlYzgtM2I4YTE3YjRlYTU4KgQIAyAASgBA0A8.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eb488082a08298e66073f680152a04417fdf118c67745c389223142c889a4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
211995
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17912
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314490
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
38 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455065715707127&correlator=1889913127272053&eid=31070872%2C31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=21622890900%3A22823849970%2CSG_yyzzbaby.com_res_article_mid3_300x250%2C336x280%2C970x90%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C970x90&ifi=3&adks=3364490071&didk=2825456940&sfv=1-0-40&eri=5&cust_params=url%3D%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1671883677239&dlt=1671883676061&idt=978&adxs=120&adys=4282&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yyzzbaby.com%2F&frm=20&vis=1&psz=1360x0&msz=728x0&fws=128&ohw=0&ga_vid=285876916.1671883677&ga_sid=1671883677&ga_hid=358926428&ga_fc=true&cbidsp=CuMBCAESDgoIYXBwbmV4dXMQXiACEg4KB3ZpZG9vbXkQhAEgAhIQCgp0cmlwbGVsaWZ0EGkgAhIPCghtZWRpYW5ldBCLAiACEg0KBmNyaXRlbxCZBCACEg8KCHB1Ym1hdGljEIYBIAISFAoNc21hcnRhZHNlcnZlchCpASACEhQKDXNtYXJ0YWRzZXJ2ZXIQqQEgAhINCgZzbWFhdG8QgAEgAhIOCgdydWJpY29uEIUCIAIYAiIkZWNlMDc5MGItMDQ5OC00MWQ4LWE5YTItZTUxM2Q2MTUyNGNmKgQIAyAASgBA0A8.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2755f8fb12b0fe84bcdffde2932bb003db9271cccdc97d2b63ba7bc0bac4fb02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
213202
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17268
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
327881
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
41 KB
18 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455065715707127&correlator=1889913127272053&eid=31070872%2C31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=21622890900%3A22823849970%2CSG_yyzzbaby.com_res_article_mid1_300x250%2C336x280%2C970x90%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C970x90%7C1x1&ifi=4&adks=1444487322&didk=2825456943&sfv=1-0-40&eri=5&cust_params=url%3D%252F%26ref%3Dnull&sc=1&cookie_enabled=1&abxe=1&dt=1671883677241&dlt=1671883676061&idt=978&adxs=120&adys=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yyzzbaby.com%2F&frm=20&vis=1&psz=1360x0&msz=728x0&fws=128&ohw=0&ga_vid=285876916.1671883677&ga_sid=1671883677&ga_hid=358926428&ga_fc=true&cbidsp=CvEBCAESDgoIYXBwbmV4dXMQXiACEg4KB3ZpZG9vbXkQhAEgAhIQCgp0cmlwbGVsaWZ0EGkgAhIMCgV0ZWFkcxC-ASACEg8KCG1lZGlhbmV0EIsCIAISDQoGY3JpdGVvEJkEIAISDwoIcHVibWF0aWMQhgEgAhIUCg1zbWFydGFkc2VydmVyEKkBIAISFAoNc21hcnRhZHNlcnZlchCpASACEg0KBnNtYWF0bxCAASACEg4KB3J1Ymljb24QhQIgAhgCIiQ0MGM4ZWQyOS1lNmEyLTRkYjktOGZkOS1lZGViOTM0NjFkNDgqBAgDIABKAEDQDw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b409d34b98cd33d26f4cab9115bb8cd21b7a299c6818156160e7782781e99f7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
213196
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18670
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
321289
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 24 Dec 2022 12:07:57 GMT
p.js
reypelis.tv/
547 B
857 B
Script
General
Full URL
https://reypelis.tv/p.js
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3b4ab6b2ab006e1018912fcb7eb99f9afdb18598b71158be4751327e80a8a7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4814
cf-polished
origSize=635
content-encoding
br
cf-bgj
minify
last-modified
Sat, 24 Dec 2022 10:44:48 GMT
server
cloudflare
etag
W/"63a6d820-27b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOX2rlOOOS88U9O9hQ5JlxRbWFWawHcbKfzcG6tGi6waZpEYS5oXDTCOjWP9tDc93nft3h616J2j8nYVIIFTuyxHYzl4DZ1Cd0GMpNZd%2BupWzQPwBm7Z%2FxedSR1uZ3WXAzkVIVKCG0W4Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
77e93838ac9b9010-FRA
expires
Mon, 23 Jan 2023 10:47:43 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=timing&_s=7&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_vdo.player.js&utl=v-yyzzbaby&utt=630&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1784873742
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=timing&_s=8&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_rtb_v6.24.1.js&utl=v-yyzzbaby&utt=643&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=23412034
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1648451910386241614604bf3.png
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/thumbnails/
61 KB
61 KB
Image
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/thumbnails/1648451910386241614604bf3.png
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
c7c138da1fdc59bf23aa67ebdd07bbdee63b5febffff46ceeb908becfde514cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:57 GMT
Last-Modified
Mon, 28 Mar 2022 07:18:31 GMT
Server
nginx/1.20.1
ETag
"62416147-f2c1"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62145
Expires
Sun, 24 Dec 2023 12:07:57 GMT
1648451910386241614604bf3.m3u8
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.m3u8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sat, 24 Dec 2022 12:07:57 GMT
Expires
Sun, 24 Dec 2023 12:07:57 GMT
Server
nginx/1.20.1
1648451910386241614604bf3.m3u8
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/
49 KB
8 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.m3u8
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
ea30e5715d94e75c970f174ca4860f103557816e36fe83b24247343404582f27

Request headers

Referer
https://www.yyzzbaby.com/
vdoai
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Jul 2022 00:41:28 GMT
Server
nginx/1.20.1
ETag
W/"62e47e38-c308"
Transfer-Encoding
chunked
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sun, 24 Dec 2023 12:07:58 GMT
container.html
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A192
6 KB
3 KB
Document
General
Full URL
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:57 GMT
expires
Sun, 24 Dec 2023 12:07:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
3c001efc-5fc6-446e-b2af-d7922adc14ec
https://www.yyzzbaby.com/
5 KB
0
Other
General
Full URL
blob:https://www.yyzzbaby.com/3c001efc-5fc6-446e-b2af-d7922adc14ec
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
5417
Content-Type
application/javascript
bd5e04c2-06c0-4167-b6ef-42ea8dd88adf
https://www.yyzzbaby.com/
75 KB
0
Other
General
Full URL
blob:https://www.yyzzbaby.com/bd5e04c2-06c0-4167-b6ef-42ea8dd88adf
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
dd45a156-081d-44e1-822f-eb4431992636
https://www.yyzzbaby.com/
75 KB
0
Other
General
Full URL
blob:https://www.yyzzbaby.com/dd45a156-081d-44e1-822f-eb4431992636
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
77017
Content-Type
application/javascript
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 30FA
693 KB
222 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
500762
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 18 Dec 2022 17:01:55 GMT
expires
Mon, 18 Dec 2023 17:01:55 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Dec 2022 12:07:57 GMT
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:57 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
logo.svg
a.vdo.ai/core/assets/img/
1 KB
1 KB
Image
General
Full URL
https://a.vdo.ai/core/assets/img/logo.svg
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6803 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 Mar 2020 08:12:49 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0ZLTiKqk%2BXEwBeAge6ItjDatevZI%2FSDP6WPzWYAOFg7ZTXGVpFW9YMVz%2FERRk1KoshzUfYSQPcBKpdeMeLj5Wp32BsATz721imAPDPubWmp1wlDWEmmwc6m%2BQZP2QzHegk4deutyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-varnish
25802542 163846
cf-ray
77e93838e97e90c6-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
tag.min.js
inklinkor.com/
73 KB
25 KB
Script
General
Full URL
https://inklinkor.com/tag.min.js
Requested by
Host: reypelis.tv
URL: https://reypelis.tv/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c53bdf8ce054fec6b12a00b59590cbf4b16db24970dbb3fdb0664ea3d635885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2925
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trace-id
7465fb506b894b0a2e5133190676ed53
pragma
no-cache
last-modified
Fri, 16 Dec 2022 15:53:36 GMT
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTA0d60M%2FdNU9oON7jKQiFhEJbMkTF24kPGD8n91f01ehLFp%2BtSqPoK%2BHWDDrYdNRJuTRmkYbyXR7aEiWuslqfLHHdov2OPTvBfShCtq9cuMYmXI8I5X4sqMDyR%2FKB4Ut0RknsMIE6pxflwU"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
cf-ray
77e9383b1b9a9273-FRA
expires
Sun, 25 Dec 2022 11:19:12 GMT
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:57 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:57 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:57 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin
https://www.yyzzbaby.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:57 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=9&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1764962439
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=10&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1882976229
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=11&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=987410094
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33902
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/21149d65/www-widgetapi.vflset/
184 KB
62 KB
Script
General
Full URL
https://www.youtube.com/s/player/21149d65/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:10:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
3421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63032
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 24 Dec 2023 11:10:56 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:26:25 GMT
content-encoding
gzip
age
1017692
x-guploader-uploadid
ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 12 Dec 2023 17:26:25 GMT
publishertag.ids.js
static.criteo.net/js/ld/
39 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:07:57 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12523
x-jsd-version
master
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUNlQsQH8xK%2BPw%2BLxHq%2BnLGnJ5hHm2ibLmVQBZii%2Bb3HV7zHurUoNMThAsdW79ZwBziOouOUYuUZQ0jL2iRn4H%2FfOJiUhqtDn01ISxt1IJ0EYB8hFsNeUAarvIJglyJL1JxQw7RTKTLu88EFGKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77e9383b1ab62bd3-FRA
esp.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
YMFZEZYBJKEKRNPV
age
2411
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
77e9383b1bac694c-FRA
x-amz-id-2
rR7sHzWBBNucr3XhEuqI/nIptBfNR4Bk4gz/tZK0aI7ojtEYwwSH/6l9FgWTrmHoO3CAY8xfMq0=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
32 KB
10 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:30:00 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
20278
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
0SQVLhDWpuN2Qz6bgNNIGEoLmLJ8FVO4-OWb99PDXFZBhFthqR2WWA==
uid2SecureSignal.js
cdn.prod.uidapi.com/
2 KB
2 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c600:a:e047:752:5701 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 00:57:25 GMT
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Last-Modified
Thu, 22 Dec 2022 00:57:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
40232
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
MwIG5rHtlauZyBA7PMEm5sO-kyi_4k9k1zbKliBtZ6RmHVSh29yupg==
container.html
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4ABF
6 KB
3 KB
Document
General
Full URL
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:57 GMT
expires
Sun, 24 Dec 2023 12:07:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=986396097&si=717591447bd95ee9eb6b80570e688fc0&v=1.3.0&lv=1&sn=20293&r=0&ww=1600&u=https%3A%2F%2Fwww.yyzzbaby.com%2F&tt=YYZZ%20Baby
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:57 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
container.html
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1E0B
6 KB
3 KB
Document
General
Full URL
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:57 GMT
expires
Sun, 24 Dec 2023 12:07:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
map
bcp.crwdcntrl.net/6/
60 B
336 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
98b6e4dd8a8673c207030be6e44d440b5794ae8da9c44c58c1cab8ef15e053c1

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache
x-server
10.45.2.123
access-control-allow-credentials
true
content-length
60
expires
0
/
bedrapiona.com/5/5615127/
0
439 B
XHR
General
Full URL
https://bedrapiona.com/5/5615127/?oo=1&js_build=iclick-v1.464.1
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 3FEE
20 KB
6 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4775
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 22:56:38 GMT
expires
Sat, 23 Dec 2023 22:56:38 GMT
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame A192
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj7T_neumY6uPCKG3gAed-5i4C43tz4duocqT7L4QjqTeoKgwEAEg1ICqK2CV4pCCoAegAbKKwaoByAEJqQKJotPDl6yoPuACAKgDAcgDSKoEjgJP0PURYT7pWjd_F0vCNgHHMqs8fmC10XZmuuKzLVFB3dFEYZRXoPTG_g5vuPGyjOm2mGj4UWQCXQHayseleEtHmyL8THWazPjox2umYsSctfiSxbtsCi_5Nc5NfWyRPcDAFKJPiqTtyw5eKJFOkfbXWn9O5VsROGTV36FVmM3ioR0-NCq7cxGk2LCxdSHwEW1hj7AYjMjqAGM44zqfObbv9398tzS52B_QwVxlzI0iB5vkVdp78oMAPxUpN__umhZLA686LFXrSK0i7OXxbjLbDMpks7-L7R41sKP7BOjRV44YZZ2yN3n2sTwmX0WirANCXRK2-njmOJmjuiFTtvGWV8xbERx1k0q_NZsyBfDABNeFzKCiBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe29b7VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOCHIdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTcwOTQ2Nzc3OTgzOTk2MDYYxIsX&sigh=PZI2WiLfFwU&uach_m=[UACH]&cid=CAQSSwDq26N9YLBl0kR1Rb8knyYftDeWIwaQ6ndOziN6FGRBYjoR_sZv-3NSciuU8F-Q-rfXr1Gale6qL6ecsOkVFHQ2lxg5gB83-zu3fBgBIBM&template_id=419
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame A192
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
1337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 11:45:41 GMT
syncframe
gum.criteo.com/ Frame 4C40
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.yyzzbaby.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:57 GMT
server
Kestrel
server-processing-duration-in-ticks
956691
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adview
securepubads.g.doubleclick.net/pagead/ Frame 4ABF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1oYzneumY5bQEpGdgQfqwbdQuJnzolzpte67-gLAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTA1ODI5MTg1NDQ0Mzg4McgBCeACAKgDAaoEvQJP0DX5DW_uHMH7diBmG4L0_PI8CY2LeaLsZTO872Cb1JTmIhrYRT5lwMCX114TU4yFPpKXlArz5NX9fnLHHxfMAIevUKCruZsOeCItbBuLpSRa2V-C7WOxRVsrEBc8TcInXyXVYriSGFGcn9YkL1vGjrzQ61-_0y3S9Rtw3xbUiGDY1DH_LNBaC69228DxdGadxXCjzArkumNNcKCgPEsRwwXDdeB7ocz8lVLymECwgyCdA4vQGFS9WL71JaM-p1nOIHb3RhqcyXeOtPpKfXmWRL1bcxa_QlX34hKgWOsmUVZptHvsFE74VOs6_MZsZoBecwNfYent1MmgTJGk6af1aDCC8gVJY9WZYjt3Srfn-pM9QvM3ylleT5dvzy1KWrSUowqKz0QAZ71bEwaaj3UMLwo03NcBPp2C0JlKeOAEAYAGuoC_ibzV2tgHoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=iy6bcQH442w&uach_m=[UACH]&cid=CAQSSwDq26N9sRGkwNlQUmxRe-LBiGfX9zBP5FUwZMqGcEJB3SmNmu6S8SxGcUluRTKqxyfsQc7hWgFM93VGxYYsaqQG9zUIkMxIlTzr3hgBIBM&tpd=AGWhJmvxbvwGvXBtp61Gs4XVb-_QCDj1KN-LtYqD-7Hc8vkTx5OFwKlRzzsuxY2Ecio1oMCnFjliIg7lg-03qoC-SRQ-xT3zG9MDmdJlXF2cGJx6yRStVq0YtkEFJa_ftyET3CjAFT8Pic8pQtrv0iK5_1CoXJb4czDcM0Q6e-QinurAInbDEtgJMOL5KnzbXjaZ9llYRZx-Pv5U05IJPCMUbtA5CI-vs58Y8qPUKUh7I3BxqZJoBYNy55JctepzdLR6mVqnOBqk2ARnNrS3Suz24AsQ5khat-3j2UMQ9D10mM7HKv7nl2wdfxd-OPrJg165wGLhvbxMYkZiOxoAQCCFsdIptFcneKX8bKQgeGH0_GSdFXyWZXgHqEApPq-tdgJHgRCxjMk2ZdG0fJSUQ-e2Yev2OOIo4asb8WkPSWH1He9GrFxn42-JcAv6Av-KIkN84Awv6ur1JbqaP_zKIzt_MzDgRUFSsTq76nHwg6HgmuIMRbn4yXXNUavCoVmODm9rYUyocqNEbI08kCLP-sLlxd4OGaDlJUa23KSM5vydhR9WNASczK4RSQcS8I7SbgRT8vlQ3vtgSvgfKWnk0pJtSv6g7QCuTIgOsm5DtFgMQ1W0iv_pOLBqJWTgE50QCBkzKEgxtKpweLBabUYEpbH3kngsAONtIBBQQ6tTDe1--vGKwBMUmXYxxtXEkFatm3Oc2HpzBb-_eOKGxiJNa2LSXfDze0KbEvGCt_F6ziOhOKDdVL6IxaN6vdn0TNirckKmF6sqQDiFXJ9JY4YhT9yzQNfgXA7309LYB-5A8asWe8ZBddzfEwzsEkOWDb2FkvznU45OBWkNGI4z_sa_a0fXM8s9nDHtcmBvNFMy9y0reJY7nyYuxet9jcjZCjPoaCNnu6UB2Schz6ucbz1F1G4XAyeyuRxKIp48nYehdZGsiPwZIYuN7kTHHeeLU72fQ7NIMiH0vlksBhr0D2uYOTtU2RGA852f4AgF1-coHcdq4B8YZFSF4xS-_AMv2oBmx6XnopBc84jJmzm1WUt8a1eplI5X9Agdlx10CQK-C64FNKUAgIeR0woPY_8nc9rB5i6np3uK4ahLRr50wtQ6dU8irW9HIjlP-QvE0W4wfu_zNFp0cymSMG1urAxTWuiFQOnByzGrbRZV0iNU8ghJF0htUNiodonSgFG5slvFRD1GMGVHhobZ4sqzY4BjqhiSePbWNqSBOWwcYCcy23CpRdicsGsXgHXa7qs0Cq3_MfB444_z8a3ZOQUrnoUSQuudQ70_hPjzUOr_SB794vvpoXpGJH8Ypa6okS79cJXpEBXOeOsP7RzTFs2VUbL6yowKidKbqXH77IP4opBJVBt9L-keFKJxDeZqbs3e1z38MXHqDI8a8rc8VpluK4zv3JNxeiN3tYPpN9JycYQCsUxSBEOxKR3CTKoj2VIlx2qObzqO2Gu6GQuzu7qEloVpd8r6dpa8HRWEHCLZgDKepWkGo8U0kAfPVT4baBnJ_af1y52_t5qgpkFQAd0ejh4g8_GqtCWnYCwE95JDQHw10NEsvsemGjPgAU8A9nfwve6ZlLmL7ylCC3eL9rmpLuJJyEeEftbBOSpOag
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame C971
261 B
800 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNWfi4IKCxK1YKT0Ud31dxjMved-EuXNNbb-4oO63TAa7K8xIcfVLr_yWFAVDZ1h-WFpBtsCfepdjuA_QT94TEiCSSl_AeHh5BGfj4Po-6hM9KEMWv_HiV6tFIgn89QXILkj6CvKZwlzifCohXYWuu22cwcFDkxDTFIgeoXc_AACoiCGlx--8ylBzita7N8r58m_UVfk
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:58 GMT
expires
Sat, 24 Dec 2022 12:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4ABF
17 KB
12 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9nOEoMWT9ZnwqC5G7uD_dQURrBkHmu5VUeAjVtLsN5i9TSTbvgnUp3gAZ-kyHM3MTcQ2hraq9OAMvQxe5GFXZgE1Op0KXNDidGT85msbOfrreEdfAlRACZTj1STEqsxv-NJIkhdbmtaQ4ccK6P2yL8kIFAm63ScQ6JIRUh5RPNcRIkIU&cry=1&dbm_d=AKAmf-BZwIQK9H3tq0luQkdF1DeRH4WuC29FbdlkJDkD56PJMyS0EwbI1SEtZpz9CRXF_t3o3tg05xlnE-mFwSlSN--WYPX3QTRLWWFKVQyJjqWOqDFdWe4rGhS1HRfrogXvWYoHaOBWyUIX-eBX3sq9KjJiMGXLS6nE-XzHatE-cEUtwf19HN9Rs16X2wVaR8-jUMa97x5V7FDEKoMfqFleWFCdrczhbr0Mt4fhPAk9_on-kSbcF9C12LdN35Uk7tJFQDDioN9T673Nu7c6j3DKoyMFLQ4VokwH9LVnGCAt4uE-32-uwgKfbu48zs3IS2Qjy_yC-29pR8y3JrzKMcSy-PC_DkTM1Of0GI4VXrOzx6r5ki0N2qUNfN4PhM4GaUWawLq5Ir-rkpxC6SCQWpHANsXWadwbkuoJREn3hJPL8so06asF_MHpaJmCWkjAmGmk58x4bdJAaC2fTVdyNpf4SBmqIf7ON4V-WpwsgeTPXZ-6bofv2-NI8y100KXFztsS0HOEtkcbz6_ygJQHP5EuT7Umt8t9oNaIeH6FJULnh3uLRVxrIQcrAFqrsSWXeVUC8CNxRhHMLtUhf_Z5lAw62DZqfMStkW_oMCo4SoYHpVeXExN4dJNO5iZt87emPLOaEpQJZO-bAyAPC45om1h-1emnWP8dhBtncBxuNv6vFTevzZkOjsYDehc8aownqBHeQjRQrIB0AlthxnVlsYSE7PUuZ2mjykLMKH6qLSLWNcnQrb8NMgHtfTLdY8vedxjBrCtVF4FSk1Yd9PBM3TD7cLzXEQNgYlx4lYDaUdzzXzRO1qEvoLOuqWIxXA-sjzYPQPBnr_BPoEgbtxXWdC7RafMM_BNiPIiZT869uRb20JonCJnqBZ3oaeV7XPXTvAlX_HWgEXy5pP-ujcoztTizxvIkvqP106AMj-VjCtcVXsozVMKxKRQA6vtjIOwLv6G4b9s8stJoswVdJyD8B3ZNGOytvaEKW6t3iyIAEqdj7A6X1EOI9CYR4knlV7RYKgh2bIhhGw46HeI56TXADwem8TOQa9RwCBVCTWYbbgXiumW-s0DBYQvGMARTX_J3qBHg0dYD24kHGYoMp8gkCdjJ4d6N_gQjhIWZPfTIYrMTLmMJWj78IcjI1YU-HNkz3yt9k-cCpeBWiVt4-V5I2dXfJsf0z_ycsppjLRzAAUx3bInAwBi6xOiY2Z8D-xtY2fO9QP9DrS5Y5O7y8RvBh1osn2Q-2aVYV88OLbTR8n7mVMmTzupcJ-7-nB9v2SFwNcO9glARXNxQwAk7K4aKZnpy9dz2p2hUcbGtOY8VrD6-hGlWoUczsWBK7pVPFL5N_ZZN7Yhi_HfchfWisgr23vGRkGmBL0cnOTGOvKSFCev6Db55qROs7Daa2aqinGBddXmcAegj54OiNa_bvUv2wQMHFW_7KXNdRXtNEL5ApTIxPaLzay2T9149MUgVbBWFhB5U5bjfWj_fcM7MEsEAfG3UTqm_WSR-RndvrOnqeSPJApN22Q-j1_Ip07a0D5Pm3gy_G-EkE5D5PDv3N9I8DefC-9KMYMighM5-4atca_J7fOuAwCCIWCF9LGwN1xzVvpXylyQaU2l_LimaoSB_JGmly5FJnhD-RglNVGq9N0jqhkgR-6G1uo4gqkDtApYAzTPCj5itKFp5QzZEfTZeC-1L2_XZP0DEpVZKZd7_k8YqPpC0_G3_C2zunZ5GDZmMFAicYpi4uBlrLFoJD9fdtu_v77BuoLpRt9Ss-sQjZYvDeWTCyHr-_Hwinzs1fl98mUOeNOtVdB_WFWmekZIDBxZrM-p6jB7gXXLC7dOvUlVhhM3iWfUnjMpZ-lRw4QJPFJigpUAuehBW3xaGdkf8JDFIb6INUb95P0ry2Hka5IMOfr1WV8Vv0pZKk9iaul5QOCpGnDI62P_O7RwSGgQHoP_2tY5Lt4G9qEAzCfTlzRxPSjPpAdFn6wuzPXbh4DXxis14rD6n2R-IYFuhtW-bM68C989IqyNutceqKmYUEHp_rNTa83ElT72vNpo_fjeOpkszK9PNptdkJMq1MxTVZEeDZWvfzv2_UfEc2BJsAqSoN_5NZAtPFRbn549O8an_CGAY__dIGsP1LEjCTzkzYNQQOVWDl0eSBFSCGpI0xIH540GLjQOLvwrUVzPk6ij4himc7GKU6QKNz9-GFnWdfOAFZOZSzLLuh9whtADQOE36NVc9Z56UamdAekaaV6BlROnIJApibo8Cy6niHtOW2uJfOCpiNASMJMPTKdNQmm4Q1L6uRmxQgEQhLTTF_kDHIhAjHYvjqKrRNTXndAhN5AEOTbrcuVfVv3x2f3VxP03EAdqMFzqsyF3SM7AtoqixtibEoCpQzhJqzAbrlUC7fA7CrWgwwXi23G0ztC-6_ZxIY0EU9QKn7qrxkI07fexvs-ikDQZ7BwFHKnsSZucvCNe_s6bc3YW1sLiDNSTrhQy7PauVPSSzxyQUwO-hDIk8JrtyFvFArLyUAyUD70a8_vy-UkpfNb4dN95Bgsh7xhSFafLKj82pjmqIIJJRzZYq6BCDSAEGGQlp8lw2OFDHbJoMwpsnh2jRnUFdB3FBI9xNay1Yy1thl5kc4F1B8dV-u3X0vnyfFt9jf3m0K6WP40HAQEtu89U39VlZwggXnoqvBN1FG7zmWAcwFyYt0Y9hiyJgjKFihJ0ziBGqQkM2apgYGkb9pBj01AxT-BJwQJAV5eZqng7aFu-zlusJuHxbX53YxLcQDhAktieRevBQYep2rskZIg6nY7WzyIoKIYFJ9SobQWUsYuFkE1jvvzpisdm7nzKukFtuPoBKm7vZpmW79zchQjAMiiwyvluTEfSC0L5PeJbHJO5kIGaMakKzIQaI-khZKHFTWgGvi8vk57GmNZ5uYVbftti-Z3SMYa_DZNJQld_8nh3_6ygNHtbr4hR-y36SJQpCHkVefOxjuGhEbb96awkyvIBYYiKpSV9s_z4oG42Pe4ZWUqDERL-v3UVBH-swrsx8UE1Z4_UGJ3Aqsy-c8xMvvVrTMdsKXu5emgRqAxFFE5EQy9LRAoonkfxZffwPD-Lk3t9tVy1L_pJ8R2XHqjFUS5o7KOAfcUvaMJP9eE3wfNARodadQ26PpKyyCyWZQ-g93Fplp6GJ9CcC8JgBc-UBFvJ3R3Fat6K1p1LK_AId0wPObA_efpwPbR2cE9MXl4fV95cAfTEqRME9wDGOMmNpG1oMgteXfFB8L9U6U4uzliLWl-MvJZ4o6ChGQgacRP-3P8oJHqzyaH7FBKIUJoqgrtP7AZeMqXNOKI1_d7cHZEVSf9802LS28zJ4v6_1dbaX8cBRCO9KmEtkUjEt1FJHqSu6PhfLYGy5DzQmGaCuZ75mIyT3uss2-nu6g4E5BuotsNfAiHt3uljABOzXtxeHsKcCmlzWxZMFbIvCdRJmrxyiUpKACW410tY-gdoQcnei0fMSq7_dVxO9pc228fi8HxA6k3o4Fw8uPHmIKBvbJ98cW52ZMAHMEn1K66PGfvZUHkrlIL7Bwxh63k8b6bL1r_5fBftSYHCVZXR6d504Uew&pr=6:0.426299&cid=CAQSGwDq26N90PkNF97FcfJ6CjVk_SIkaoY56TswqhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17acb3e35c480f440a8da6988c21f764d28514ec8854cb0d15761aa732c032a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12222
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4ABF
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DeLt95HUF438uKm4QOiNIeswyzbhBC-QBLJmaBtCXnojms76HupfYxVgeml6MwJFMvQkvzPaHG8zTpNYm9JTwXvOyrKgXGiP9l5TfdjHkAYkuDhQE
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4ABF
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
79755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:58:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4ABF
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 11:45:42 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4ABF
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
186462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4ABF
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:58 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1E0B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUchQneumY9-pI6Oyx_AP87yUsAmeoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgS_Ak_QO1I4_mwwNJO2-yiyaDxZ0jDJdrFyoePxZ4hw2Xy37uws_145hYWzFlbC7bbp5g51-7cVhW1BjvBy7TXUo3dfx8jR1b8etcCHCU6ltHa_3ZF3hf0k8nVjVbHVlGVm3j8WylqetHRyCZ7MnZCUqFxQHx4WcnY1ri6jPKx_-wJoHRsSCOa6CDLIe1F2uqk6poivNRCscZJmHiDBFXdJUctN8CnSQr9r2n_RjMWr_LFPBqcl1cM1icE96_ndfHpOxbJyCVedclIWYL7Rzu7AyG8shAvY4GX4dtgYNiX7HOVRH5xHqHLM8iDFiMYYtwsU8ls_ql0JFC2nExm8a3fIEoUzkRhxdGz6e-cOuUEW6xU-0zEwuTDfZO8nnCypsL9lYnMmjDKyo7JIYDopx-XbhkuWehDNzdGISQHt8IYyf_zgBAGABo2U-PC826_yOaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=fjr4czam4UY&uach_m=[UACH]&cid=CAQSSwDq26N9-L69xxG7g8-AVzc0W1ZqFBKInyMJSCWlHnQW9cBv_Vi4H88fR0Dq55AEAV8LbWx8ili3cuo1DdASRQmfRPTbGwdCRNPsaxgBIBM
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame F251
261 B
385 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNW6geXJXGwwisV4oLqQkyMzqe4vE7E__FOQELdXbsH402rBgE5S6e8EZ-aL9-9siPCdimlpSbt307oci4vMBSWjt_HHhEvtZPvG5WGcHSL5awtggqhA6kd4da91SippL_TsnJka0XdDoS5bQBWeP06wTgHRw0XsIAFf0w7Ww2dmFF-uPOs
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:58 GMT
expires
Sat, 24 Dec 2022 12:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1E0B
17 KB
12 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5b6S_F0iigkQvf04CWegmuD0lubOhGNAHmMK75qVAOXsciy5GuckLYyEldY8OHlViuuZhkyNuUV-b9Yg7HbV09mWHFnHwfe-glOcAFqhqTCkgjGxwZP3vjBVivRWo1fZ0N0ABpJ5Yd3zR--EQ9xtKQGo9yFoZkLUB1YuwAtD4DVI9aGs&cry=1&dbm_d=AKAmf-BTljyhHUxN95hVk4Yu7Hk_6mjb4sznCXSAUFnRadU7veHtwj2GeJN2oNnCLwJQzYJK03peoDzHA6qa40wlovD0KRHVxrLafAME3sGTkE8W2qcW8n4h_4BSLCLjot3JAWrhbq8FVj3--mm6RwHLOzbOWfKVBPgXwr8mCCsMajH_CbLVFnDkl_OLTw0EnA4Rvv8knXlUKNQmjLnIrY81PvCbGVafcjuXFDxj3_BYeOgkAFRgWAoCFBRyG5TKeYUD88hs6c72CDLXBF2rhPqMXxu6Xzk9j6SL_0W79yQqzZ4DkbMp_0MDWh1rvCoxA-DjDlHANm3lCjt-Lbec8fGhTwsmOktlzBiyH6aIgrmj9Pl2Qb90ry20Uyfm1E2JPXFC83H5eh7lJYy79iOgZQLmEsIWa0dHHvoyq9EN0MO0wGU0tq4aQ5tF2Nox7dRGrdZ7E7pD2-QZFvpp604WhAA6AQFw9ZDmyN6r3xMNwLhcJE-COVr1U5f3ghtRLPd4-7F1le3v-QGL7wZx5Pp80g0hryeLiPvF81DHTnsU9-kmGxpAyGXqjO4GPZZk9lZMlbJ-gBIDgMIJ0puJNyNtoBzJtDI-T2YQkU9-YTKyp8CJECGVoi2tYOOR9d9flF9jMGCj9yUzjErJ6qZhawskDj2sPM84Idnhtt_0YvB5RyQeQwnjZ78CTxXti9waQwKYmdiDCO9uh5fbZDHyatDjSC_VEw5hzk2KsB3NNJUGePIDI8FOfiTRxwq2Y-3G3PTHPOCbfBsTfgDDYXY4SeegL9TVgxDp9IYA5wdI-Z8lkd4Ecsb_bEQMiDMtLlptSfTkumGt4cRVCrNBF59b1sOvwqHnf744OY7N6WjTQGEfDZJYyWFwWb9rK2zGUEtPjkq5VIhrSivvQNUbm8CpYoZL4iR_Qtnt9iBZEHgp10Is-t09Ji_XhIj1LiGZQcs-GbdTj0tCe0MKLvL0bhkNkarGg87PAtp9WUCJozkxDZTQkmx_buzglMwfILksQ1xopcX9MAgLf-1oShNTIxCHKVr8FpzuSZUs7Jm6d54znHzkUWZ_ZiKX5WrSmkD8-Ayd44YKrshA_ir-mHCcUoHK7ZJmVSgCSsrQShGJrrRjYK-epmk7LfmPGudX20IOgHZX0GTU__h6fYnTTl96qlVMw1UUmh_J9Ev4-ZX221Z1eneJawCr5RKBvNBj7-6KPFzWJkuRQaIdl3mF6S1a8cff2RsRS5TNBXKMGu2fCZtx8JfHv0CVzJA8p5ykwL3rodmDDXQER0NJQt2y3psh18FO3rBSPUBAOAwRgowEdsMNzl43_9aw4ZX_ZlCTFqpkW3Y4Y15gxn_4YlOQk6Tdlyoh4CDRP764Ao4mvcHbaslGuwmf5TMsqM4jntQCqy4ldS5onvixIN5Y3rJYRf5J5wMyVkp2MugdR9WX_vHDhrN2MTw-mO_RFMbGnwhFAIsjAFiLwnpWz42MvKcYfHtIk1dKhQRbn4kwRy5DLUABIxlEQyxJ_zXJT-5vp2J15u2h_cAv31uxO12wAvwAPIunrngxl34_e7mEw94JzNHcGVVYXGyuzQAq6UmTuqdECbAEAUeb6_rV5_9t-3LRsz1-aH8hx84HT4tMnDDYcOujyJk0q1JasEBGMpinz6sYX_J0Lv7nHcpZWtRjs1nPZ9567EEXTpZAgC2BRN-JKyvLzh-axPMCjipbY-ogMvGtPqmLe9YhO4G5STkhNVEORoRb2vWmGRR_PfXRuOAMVs01ezSg4edtyQaFSai2__oWjtIbA4PFid0gvakwYGIJVULCNUj3xAfhuuncT1yVD-DL5s9WSunPqVGHTtvmJfh7IAIqI_SMO86dPY1bqYGA08dzVkzn-juXbCdVI6mCyGrZZ8i4c6B6yjddlpaD5Y6M4vx-DcnWlI2fWwESDK73Gg3QLocFR2d74-emxkj4lvzV08SELlyRqZXyshupBNr-J2m1onQhyS4tz7jjQpi8WO3ZYKQLspQkoDnsPHTYwu8pfduMot92A_0sjaRHtoGrAFs7Hexxn1ap3z2ruP4rIHhQLZEFmp04VR-DGhXVF4vfRrfQwpa612nCUgwMKAnOF_rmS7wGFKX4ptNDgaSD7lPrUkjknAyLzpKCugeKQCS6y9Qm0ODGtb11dB2rLYDj2FrMP-Q9Lg0RdWdOu2WrFaYuDgZ9pgsDHALRZui8qstM-xR1eHRt_JYq99Coc_mVIxpUy_kiFdbJKbMovZaUQWWKVydq2QqgHiF2wep0sd9FF3ALwtp5C9965S_j6ZjfL3g_RG5Ov_sK-1pYYcWTIrT81bqBFtfEkzEr3wROjkuIc8Ls0M6tXTyE6gEQh6HXTjQVkr_FtyMYl16tSweCtfEMQe4QFPIu63bDRpSfKFi-ZnnohDAiUZVQoi80GmTel2dFL2fQVzSSFAlvsLRZDsI6HD-LBcMRU-KmXwhM4accbMeDTEmVwQeXyiCof8So6lYNtNQHYJxlVRpuWFHXXT3tR3SV9TSbtqlmpWg_zfRypojjtDbfYa-49eiBClkfwj-qu-o4czCaz1i-9BhI_XfL9i8hiwbYDXNcv2XO0Gll6IDDA2VOrN6Bep7AXYgoCKtxkRNxVth-ocm6NjaRoBCqoKSZfoGe8pLwf-OCKVtEJiXxg1R6aeQPJXPcnoYCb-EZs-jZnHIiMqe8kqXbixzx7qLHrvcf8g6gCRgXjh-rFPeyrRHAsAZnmnssJdtxLjrZcRtevEBeBJ4d_fC9xEeBdgLJTDLqSYTiDpyRLT4louJ8UKw3J9HWmmX4Rdg5y0PdINRsaKtFjAHYMkLjFbMOBZ-jyHm5mremYG1qazz_OhJQiOxsQvnMGifkEMi_KE4NHSuAM0WVj0pW00h8GSslKwVQEylHLujtAC_cP8lIMhgo2rHY4E55RvT-P2FDRxW_lRAfCupFf35gFWcZ95aHPoDsP6AQeAxto3n839Eta3pVIsrEWN2cu-hpjcIDjv_MvfQtVEHyw0GFdk93Bh-3ERSzejk02P5ej-VJJhhfcSsJPtAkMpqkZZxmCVgFcNuVjmFQUMc1UU2Ju0py_9kc55Tuimq1_xqzJLn9Cga1XA1MyYy33ydcwWs7EfeQxq64zMxXtmJ1m7AA4iXYza4TnAvfwiZt2O68Dst3n8raDWnH0oDzC0xCYdpPi9TlbLirIQCsf8IA-uXa3W-ZRFyvmDDRkkM1HZeqXvPHC5pgNrUIEvg4mo4zgsz6DTGcwkJrWjbHXNoRpAOSIT2Hx9Vl5sSblcLNtaYGprYI1pFy_ZgBqxkQyMgEXpCiL_ZjFD9vPpzdirZoYl9pXu-BMj1nMO3U6xvIMzPB-DZL05OoQTBfFhCS94MmcjikdXBud-G-W-hjzfcGB-euI5fv6drZqNTwMscWsOeU4dVS-umPkSqS18PN68hxj3Say1B6UuFQfoKwJ3iF0ENivzuqwxUc77AGyEOGIWdUBogg5WbX3Qhw_YawSs6GI5sn1k3POkVpTM8VdEpyvustSd1TjphjPKnSh5H88f90LocZbF_B-bQtpOYjKwObbmNbBFI_CAuVwy_6rtrIRvLdoTcDVnti&pr=13:Y6brnQAAAADNuAmF6qpDhPL3p0qJED2vJz1u7g&cid=CAQSGwDq26N9I0-lRg4NXZ_jqIVX2ZxRroCrwbCbxBgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e86a38c11354c3dd3366b7736d6acd5e66fe77bfa57be6272514215ed96763b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12135
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
a4338.casalemedia.com/impression/ Frame 1E0B
43 B
303 B
Image
General
Full URL
https://a4338.casalemedia.com/impression/v1?bidID=b1af1612-806e-4e1f-8d93-1649235463e9&traceID=cejen79oeout2mdufs6g&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1671884277&ap=Y6brnQAI1N8IEdkjAAUecwpfy0KI89FNe7EodA&siteID=341462&creativeID=216ed31&pubID=189149&format=banner&channel=site
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.63.50 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E0B
42 B
494 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSh496116B1jArCkHQckK6KyDG0_xK19gnfHLWZ1AmHIzw7F1gKPsuaeQHDIK6uHNAa93LkMVE660ZsUBoeqn_25YLEAWYH_zqUQrO4GD76biNMFo
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1E0B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
79755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:58:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1E0B
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 11:45:42 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1E0B
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
186462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E0B
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:58 GMT
increment
id5-sync.com/api/esp/
0
325 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.yyzzbaby.com
date
Sat, 24 Dec 2022 12:07:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
container.html
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4189
6 KB
3 KB
Document
General
Full URL
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:57 GMT
expires
Sun, 24 Dec 2023 12:07:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.yyzzbaby.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.yyzzbaby.com%2F&rid=esp&cc=1
85 B
103 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.yyzzbaby.com%2F&rid=esp&cc=1
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f83b8d317eb315f598ede73d8ea5919666d323942f6bbcd0d1ece63bbd899363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-yFVFu4FuJ6Y2hsVinF3Vf1FvhE4"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.yyzzbaby.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 24 Dec 2022 12:07:58 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.yyzzbaby.com
location
/esp?url=https%3A%2F%2Fwww.yyzzbaby.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sid
mug.criteo.com/ Frame 4C40
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=yyzzbaby.com&sn=ChromeSyncframe&so=0&topUrl=www.yyzzbaby.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=xH0hJ3x0M1dGekF6SVdrQ0FZWWg0OWJpenk1MDFGQzh3b1NCemVzeDZ4Q1FDOTVzRm9ITTZPbDFOTGNtRk9sSHpFbDNTZlZDa2pORGRXeld4WTlBaEhuNkpaTDM5eFQ1c2U0OW9oRTFGWEszaUVMZzBZQnBkRFFTRmdqWV...
425 B
650 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=xH0hJ3x0M1dGekF6SVdrQ0FZWWg0OWJpenk1MDFGQzh3b1NCemVzeDZ4Q1FDOTVzRm9ITTZPbDFOTGNtRk9sSHpFbDNTZlZDa2pORGRXeld4WTlBaEhuNkpaTDM5eFQ1c2U0OW9oRTFGWEszaUVMZzBZQnBkRFFTRmdqWVU2aERxVzFyTW5idmQ4Y1NPbEkrS24wT1VBN3BNSEx5eVR6YWw0TkQ3dTZxWExwU3MvZ3dFUkIxWlExNkN4NU4rVEN0aCtKS3ljU3FzTVk1eUR0S2NnVjQzSFA0TFAwc2JFMUZadDVyd3FKSnYxWnpQZ29LeTA5cERNMnAyV2xCRXowQWpLZ2NPZTM1ODVwY1dwSGRPU0N1OGNRdXMyZz09fA&cppv=2
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
99bba4a59cda8325295ef7b7c6d963654b38a4ae035bfeba1db07410d0085773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:57 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2832690
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=xH0hJ3x0M1dGekF6SVdrQ0FZWWg0OWJpenk1MDFGQzh3b1NCemVzeDZ4Q1FDOTVzRm9ITTZPbDFOTGNtRk9sSHpFbDNTZlZDa2pORGRXeld4WTlBaEhuNkpaTDM5eFQ1c2U0OW9oRTFGWEszaUVMZzBZQnBkRFFTRmdqWVU2aERxVzFyTW5idmQ4Y1NPbEkrS24wT1VBN3BNSEx5eVR6YWw0TkQ3dTZxWExwU3MvZ3dFUkIxWlExNkN4NU4rVEN0aCtKS3ljU3FzTVk1eUR0S2NnVjQzSFA0TFAwc2JFMUZadDVyd3FKSnYxWnpQZ29LeTA5cERNMnAyV2xCRXowQWpLZ2NPZTM1ODVwY1dwSGRPU0N1OGNRdXMyZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
462946
content-length
0
expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 4189
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CM6auneumY9ydL9Cwx_AP05eHoAHukrWTXL-ihcfkBcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgS-Ak_QvT-_bQ6wReGI8uVBc6ZwvYha9EJmMAGVimkIPo8l_E_WHsBjpZ5nUjU-AUr1PQTA_X-L_-dr_kzu5kPUMzR3RKHaZmMDRbHHoIg1DlfNI7irn0IGQGFFdJaWk0BOzkGo4qEuEtisVOHPQZd1A3kvPWojf4Ybg4S9kPFZSVzBz2Y4Jlt-j8Zd1hLoQGXBh3dAluVdwg7cyfOb_2bGdU-7ZA2I6mFGPdIyY3tkA-ulGozSqPRRynlqEqpmCmtUebflj23obTTdM8hJNUrrdYKZGhPWk5bTApK3PrpgogoJreEON1mon353hXvmL1LkkeliO0qm8EBUVdhqzzZq2K0Iq8NvQd5YTSsRah2Dwahe02i3WyN6RwR3fXc1FsHwr4Z3uLHJ6p7d0QI6ESrbonVsDFVDqYp1V9mTJ81nqOAEAYAG0OXZlJmt5ajZAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=AQsi-QjVSkI&uach_m=[UACH]&cid=CAQSSwDq26N9kQDZZ97GNZEUPFq5W-Da7d3dPYXltqrJvMFwN8etMs6Wj2OMtmywL9ugyHTDK1NtMhm33fsYDgRFfg-6rQLJEIPo7zm-TBgBIBM
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ttj
ib.3lift.com/ Frame 4189
4 KB
2 KB
Script
General
Full URL
https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
/
Resource Hash
d05a47071f5b2ac2126e07bf7a15783be0352bc951138afadb839ca98be00ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
218
etag
"e172245a648144726a3fc351f30b85358a7602b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
content-length
2163
x-amz-cf-id
rx-heniDqrPMVJYBfXUHIt8NzcgrKY9BVGeVBT5FO-gfTg56w_aVYQ==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4189
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
79755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:58:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4189
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 11:45:42 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4189
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
186462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4189
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:58 GMT
notify
tlx.3lift.com/s2s/ Frame 4189
37 B
183 B
Image
General
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=Y6brnQALztwIEdhQAAHL00hl4eTAuGYNVdkViw&ts=1671883677&aid=45304938713870492186720&ec=5989_90590_452993925&n=GgDyAskBCAASFzQ1MzA0OTM4NzEzODcwNDkyMTg2NzIwGAAgASjlLjDewwVAAUgAUABgCmgAcJzYHJABAJgBAKgBALgBCsABOMgBRvABAPgBRoACOJECAAAAAAAA8D%2BZAlK4HoXrUcg%2FqAIAsAIAyAIE2AIA8QJmZmZmZmbmP%2FgChS%2BAA9gFiANakAMAmAMAoAMAuAP5TcgDANIDCTQ1Mjk5MzkyNdoDCTUxNTg1ODI5N%2BADz9evLOkDAAAAAAAAAADwA0b5AwAAAAAAAAAA%2BAIFiAMAkgMEYzYyN5gDAKAD0bYCqAMA
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.97.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-97-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 4189
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=45304938713870492186720
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/
653 KB
653 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
702b1af26958fe0b2bfb3689d1438a9846209bb76343049a48f6a92b691a6b30

Request headers

Referer
https://www.yyzzbaby.com/
vdoai
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-668527

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Sat, 30 Jul 2022 00:41:28 GMT
Server
nginx/1.20.1
ETag
"62e47e38-13305090"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 0-668527/321933456
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
668528
Expires
Sun, 24 Dec 2023 12:07:58 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sat, 24 Dec 2022 12:07:58 GMT
Expires
Sun, 24 Dec 2023 12:07:58 GMT
Server
nginx/1.20.1
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3FEE
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:12:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
82537
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Dec 2022 13:12:21 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3FEE
34 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
58492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 24 Dec 2022 19:53:06 GMT
120fb889c9d3d02c8d3dd0555cf62ab3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 3FEE
104 KB
30 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 03:17:25 GMT
age
31833
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30375
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 03:17:25 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D168
143 B
227 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:27 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A192
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
79755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:58:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A192
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 11:45:42 GMT
m
ad.yieldlab.net/ Frame C971
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENNE5AvKIBysh8sBz1l4kpQ&google_cver=1
0
525 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENNE5AvKIBysh8sBz1l4kpQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNWfi4IKCxK1YKT0Ud31dxjMved-EuXNNbb-4oO63TAa7K8xIcfVLr_yWFAVDZ1h-WFpBtsCfepdjuA_QT94TEiCSSl_AeHh5BGfj4Po-6hM9KEMWv_HiV6tFIgn89QXILkj6CvKZwlzifCohXYWuu22cwcFDkxDTFIgeoXc_AACoiCGlx--8ylBzita7N8r58m_UVfk
Protocol
HTTP/1.1
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 23 Dec 2022 12:07:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESENNE5AvKIBysh8sBz1l4kpQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame C971
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECMTGvQvtK2WEfoN86oVxMI&google_cver=1&adform_v=1
43 B
163 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECMTGvQvtK2WEfoN86oVxMI&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNWfi4IKCxK1YKT0Ud31dxjMved-EuXNNbb-4oO63TAa7K8xIcfVLr_yWFAVDZ1h-WFpBtsCfepdjuA_QT94TEiCSSl_AeHh5BGfj4Po-6hM9KEMWv_HiV6tFIgn89QXILkj6CvKZwlzifCohXYWuu22cwcFDkxDTFIgeoXc_AACoiCGlx--8ylBzita7N8r58m_UVfk
Protocol
H2
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESECMTGvQvtK2WEfoN86oVxMI&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ad.yieldlab.net/ Frame F251
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
0
525 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNW6geXJXGwwisV4oLqQkyMzqe4vE7E__FOQELdXbsH402rBgE5S6e8EZ-aL9-9siPCdimlpSbt307oci4vMBSWjt_HHhEvtZPvG5WGcHSL5awtggqhA6kd4da91SippL_TsnJka0XdDoS5bQBWeP06wTgHRw0XsIAFf0w7Ww2dmFF-uPOs
Protocol
HTTP/1.1
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 23 Dec 2022 12:07:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame F251
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
43 B
162 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNW6geXJXGwwisV4oLqQkyMzqe4vE7E__FOQELdXbsH402rBgE5S6e8EZ-aL9-9siPCdimlpSbt307oci4vMBSWjt_HHhEvtZPvG5WGcHSL5awtggqhA6kd4da91SippL_TsnJka0XdDoS5bQBWeP06wTgHRw0XsIAFf0w7Ww2dmFF-uPOs
Protocol
H2
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4ABF
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9nOEoMWT9ZnwqC5G7uD_dQURrBkHmu5VUeAjVtLsN5i9TSTbvgnUp3gAZ-kyHM3MTcQ2hraq9OAMvQxe5GFXZgE1Op0KXNDidGT85msbOfrreEdfAlRACZTj1STEqsxv-NJIkhdbmtaQ4ccK6P2yL8kIFAm63ScQ6JIRUh5RPNcRIkIU&cry=1&dbm_d=AKAmf-BZwIQK9H3tq0luQkdF1DeRH4WuC29FbdlkJDkD56PJMyS0EwbI1SEtZpz9CRXF_t3o3tg05xlnE-mFwSlSN--WYPX3QTRLWWFKVQyJjqWOqDFdWe4rGhS1HRfrogXvWYoHaOBWyUIX-eBX3sq9KjJiMGXLS6nE-XzHatE-cEUtwf19HN9Rs16X2wVaR8-jUMa97x5V7FDEKoMfqFleWFCdrczhbr0Mt4fhPAk9_on-kSbcF9C12LdN35Uk7tJFQDDioN9T673Nu7c6j3DKoyMFLQ4VokwH9LVnGCAt4uE-32-uwgKfbu48zs3IS2Qjy_yC-29pR8y3JrzKMcSy-PC_DkTM1Of0GI4VXrOzx6r5ki0N2qUNfN4PhM4GaUWawLq5Ir-rkpxC6SCQWpHANsXWadwbkuoJREn3hJPL8so06asF_MHpaJmCWkjAmGmk58x4bdJAaC2fTVdyNpf4SBmqIf7ON4V-WpwsgeTPXZ-6bofv2-NI8y100KXFztsS0HOEtkcbz6_ygJQHP5EuT7Umt8t9oNaIeH6FJULnh3uLRVxrIQcrAFqrsSWXeVUC8CNxRhHMLtUhf_Z5lAw62DZqfMStkW_oMCo4SoYHpVeXExN4dJNO5iZt87emPLOaEpQJZO-bAyAPC45om1h-1emnWP8dhBtncBxuNv6vFTevzZkOjsYDehc8aownqBHeQjRQrIB0AlthxnVlsYSE7PUuZ2mjykLMKH6qLSLWNcnQrb8NMgHtfTLdY8vedxjBrCtVF4FSk1Yd9PBM3TD7cLzXEQNgYlx4lYDaUdzzXzRO1qEvoLOuqWIxXA-sjzYPQPBnr_BPoEgbtxXWdC7RafMM_BNiPIiZT869uRb20JonCJnqBZ3oaeV7XPXTvAlX_HWgEXy5pP-ujcoztTizxvIkvqP106AMj-VjCtcVXsozVMKxKRQA6vtjIOwLv6G4b9s8stJoswVdJyD8B3ZNGOytvaEKW6t3iyIAEqdj7A6X1EOI9CYR4knlV7RYKgh2bIhhGw46HeI56TXADwem8TOQa9RwCBVCTWYbbgXiumW-s0DBYQvGMARTX_J3qBHg0dYD24kHGYoMp8gkCdjJ4d6N_gQjhIWZPfTIYrMTLmMJWj78IcjI1YU-HNkz3yt9k-cCpeBWiVt4-V5I2dXfJsf0z_ycsppjLRzAAUx3bInAwBi6xOiY2Z8D-xtY2fO9QP9DrS5Y5O7y8RvBh1osn2Q-2aVYV88OLbTR8n7mVMmTzupcJ-7-nB9v2SFwNcO9glARXNxQwAk7K4aKZnpy9dz2p2hUcbGtOY8VrD6-hGlWoUczsWBK7pVPFL5N_ZZN7Yhi_HfchfWisgr23vGRkGmBL0cnOTGOvKSFCev6Db55qROs7Daa2aqinGBddXmcAegj54OiNa_bvUv2wQMHFW_7KXNdRXtNEL5ApTIxPaLzay2T9149MUgVbBWFhB5U5bjfWj_fcM7MEsEAfG3UTqm_WSR-RndvrOnqeSPJApN22Q-j1_Ip07a0D5Pm3gy_G-EkE5D5PDv3N9I8DefC-9KMYMighM5-4atca_J7fOuAwCCIWCF9LGwN1xzVvpXylyQaU2l_LimaoSB_JGmly5FJnhD-RglNVGq9N0jqhkgR-6G1uo4gqkDtApYAzTPCj5itKFp5QzZEfTZeC-1L2_XZP0DEpVZKZd7_k8YqPpC0_G3_C2zunZ5GDZmMFAicYpi4uBlrLFoJD9fdtu_v77BuoLpRt9Ss-sQjZYvDeWTCyHr-_Hwinzs1fl98mUOeNOtVdB_WFWmekZIDBxZrM-p6jB7gXXLC7dOvUlVhhM3iWfUnjMpZ-lRw4QJPFJigpUAuehBW3xaGdkf8JDFIb6INUb95P0ry2Hka5IMOfr1WV8Vv0pZKk9iaul5QOCpGnDI62P_O7RwSGgQHoP_2tY5Lt4G9qEAzCfTlzRxPSjPpAdFn6wuzPXbh4DXxis14rD6n2R-IYFuhtW-bM68C989IqyNutceqKmYUEHp_rNTa83ElT72vNpo_fjeOpkszK9PNptdkJMq1MxTVZEeDZWvfzv2_UfEc2BJsAqSoN_5NZAtPFRbn549O8an_CGAY__dIGsP1LEjCTzkzYNQQOVWDl0eSBFSCGpI0xIH540GLjQOLvwrUVzPk6ij4himc7GKU6QKNz9-GFnWdfOAFZOZSzLLuh9whtADQOE36NVc9Z56UamdAekaaV6BlROnIJApibo8Cy6niHtOW2uJfOCpiNASMJMPTKdNQmm4Q1L6uRmxQgEQhLTTF_kDHIhAjHYvjqKrRNTXndAhN5AEOTbrcuVfVv3x2f3VxP03EAdqMFzqsyF3SM7AtoqixtibEoCpQzhJqzAbrlUC7fA7CrWgwwXi23G0ztC-6_ZxIY0EU9QKn7qrxkI07fexvs-ikDQZ7BwFHKnsSZucvCNe_s6bc3YW1sLiDNSTrhQy7PauVPSSzxyQUwO-hDIk8JrtyFvFArLyUAyUD70a8_vy-UkpfNb4dN95Bgsh7xhSFafLKj82pjmqIIJJRzZYq6BCDSAEGGQlp8lw2OFDHbJoMwpsnh2jRnUFdB3FBI9xNay1Yy1thl5kc4F1B8dV-u3X0vnyfFt9jf3m0K6WP40HAQEtu89U39VlZwggXnoqvBN1FG7zmWAcwFyYt0Y9hiyJgjKFihJ0ziBGqQkM2apgYGkb9pBj01AxT-BJwQJAV5eZqng7aFu-zlusJuHxbX53YxLcQDhAktieRevBQYep2rskZIg6nY7WzyIoKIYFJ9SobQWUsYuFkE1jvvzpisdm7nzKukFtuPoBKm7vZpmW79zchQjAMiiwyvluTEfSC0L5PeJbHJO5kIGaMakKzIQaI-khZKHFTWgGvi8vk57GmNZ5uYVbftti-Z3SMYa_DZNJQld_8nh3_6ygNHtbr4hR-y36SJQpCHkVefOxjuGhEbb96awkyvIBYYiKpSV9s_z4oG42Pe4ZWUqDERL-v3UVBH-swrsx8UE1Z4_UGJ3Aqsy-c8xMvvVrTMdsKXu5emgRqAxFFE5EQy9LRAoonkfxZffwPD-Lk3t9tVy1L_pJ8R2XHqjFUS5o7KOAfcUvaMJP9eE3wfNARodadQ26PpKyyCyWZQ-g93Fplp6GJ9CcC8JgBc-UBFvJ3R3Fat6K1p1LK_AId0wPObA_efpwPbR2cE9MXl4fV95cAfTEqRME9wDGOMmNpG1oMgteXfFB8L9U6U4uzliLWl-MvJZ4o6ChGQgacRP-3P8oJHqzyaH7FBKIUJoqgrtP7AZeMqXNOKI1_d7cHZEVSf9802LS28zJ4v6_1dbaX8cBRCO9KmEtkUjEt1FJHqSu6PhfLYGy5DzQmGaCuZ75mIyT3uss2-nu6g4E5BuotsNfAiHt3uljABOzXtxeHsKcCmlzWxZMFbIvCdRJmrxyiUpKACW410tY-gdoQcnei0fMSq7_dVxO9pc228fi8HxA6k3o4Fw8uPHmIKBvbJ98cW52ZMAHMEn1K66PGfvZUHkrlIL7Bwxh63k8b6bL1r_5fBftSYHCVZXR6d504Uew&pr=6:0.426299&cid=CAQSGwDq26N90PkNF97FcfJ6CjVk_SIkaoY56TswqhgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 11:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:46:28 GMT
/
servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/ Frame 4ABF
1 KB
1013 B
Script
General
Full URL
https://servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.yyzzbaby.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.yyzzbaby.com%2F&gdpr=&gdpr_consent=&cachebuster=572249.2376969124
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.57.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-57-2.deploy.static.akamaitechnologies.com
Software
prod-xre-app16.frk11 /
Resource Hash
9847db39a8a4a7cf193c8941e5eeaa5c5f575fdbdabfb1a0ef369f10cdf59354
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app16.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
639
Expires
Sat, 24 Dec 2022 12:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1E0B
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5b6S_F0iigkQvf04CWegmuD0lubOhGNAHmMK75qVAOXsciy5GuckLYyEldY8OHlViuuZhkyNuUV-b9Yg7HbV09mWHFnHwfe-glOcAFqhqTCkgjGxwZP3vjBVivRWo1fZ0N0ABpJ5Yd3zR--EQ9xtKQGo9yFoZkLUB1YuwAtD4DVI9aGs&cry=1&dbm_d=AKAmf-BTljyhHUxN95hVk4Yu7Hk_6mjb4sznCXSAUFnRadU7veHtwj2GeJN2oNnCLwJQzYJK03peoDzHA6qa40wlovD0KRHVxrLafAME3sGTkE8W2qcW8n4h_4BSLCLjot3JAWrhbq8FVj3--mm6RwHLOzbOWfKVBPgXwr8mCCsMajH_CbLVFnDkl_OLTw0EnA4Rvv8knXlUKNQmjLnIrY81PvCbGVafcjuXFDxj3_BYeOgkAFRgWAoCFBRyG5TKeYUD88hs6c72CDLXBF2rhPqMXxu6Xzk9j6SL_0W79yQqzZ4DkbMp_0MDWh1rvCoxA-DjDlHANm3lCjt-Lbec8fGhTwsmOktlzBiyH6aIgrmj9Pl2Qb90ry20Uyfm1E2JPXFC83H5eh7lJYy79iOgZQLmEsIWa0dHHvoyq9EN0MO0wGU0tq4aQ5tF2Nox7dRGrdZ7E7pD2-QZFvpp604WhAA6AQFw9ZDmyN6r3xMNwLhcJE-COVr1U5f3ghtRLPd4-7F1le3v-QGL7wZx5Pp80g0hryeLiPvF81DHTnsU9-kmGxpAyGXqjO4GPZZk9lZMlbJ-gBIDgMIJ0puJNyNtoBzJtDI-T2YQkU9-YTKyp8CJECGVoi2tYOOR9d9flF9jMGCj9yUzjErJ6qZhawskDj2sPM84Idnhtt_0YvB5RyQeQwnjZ78CTxXti9waQwKYmdiDCO9uh5fbZDHyatDjSC_VEw5hzk2KsB3NNJUGePIDI8FOfiTRxwq2Y-3G3PTHPOCbfBsTfgDDYXY4SeegL9TVgxDp9IYA5wdI-Z8lkd4Ecsb_bEQMiDMtLlptSfTkumGt4cRVCrNBF59b1sOvwqHnf744OY7N6WjTQGEfDZJYyWFwWb9rK2zGUEtPjkq5VIhrSivvQNUbm8CpYoZL4iR_Qtnt9iBZEHgp10Is-t09Ji_XhIj1LiGZQcs-GbdTj0tCe0MKLvL0bhkNkarGg87PAtp9WUCJozkxDZTQkmx_buzglMwfILksQ1xopcX9MAgLf-1oShNTIxCHKVr8FpzuSZUs7Jm6d54znHzkUWZ_ZiKX5WrSmkD8-Ayd44YKrshA_ir-mHCcUoHK7ZJmVSgCSsrQShGJrrRjYK-epmk7LfmPGudX20IOgHZX0GTU__h6fYnTTl96qlVMw1UUmh_J9Ev4-ZX221Z1eneJawCr5RKBvNBj7-6KPFzWJkuRQaIdl3mF6S1a8cff2RsRS5TNBXKMGu2fCZtx8JfHv0CVzJA8p5ykwL3rodmDDXQER0NJQt2y3psh18FO3rBSPUBAOAwRgowEdsMNzl43_9aw4ZX_ZlCTFqpkW3Y4Y15gxn_4YlOQk6Tdlyoh4CDRP764Ao4mvcHbaslGuwmf5TMsqM4jntQCqy4ldS5onvixIN5Y3rJYRf5J5wMyVkp2MugdR9WX_vHDhrN2MTw-mO_RFMbGnwhFAIsjAFiLwnpWz42MvKcYfHtIk1dKhQRbn4kwRy5DLUABIxlEQyxJ_zXJT-5vp2J15u2h_cAv31uxO12wAvwAPIunrngxl34_e7mEw94JzNHcGVVYXGyuzQAq6UmTuqdECbAEAUeb6_rV5_9t-3LRsz1-aH8hx84HT4tMnDDYcOujyJk0q1JasEBGMpinz6sYX_J0Lv7nHcpZWtRjs1nPZ9567EEXTpZAgC2BRN-JKyvLzh-axPMCjipbY-ogMvGtPqmLe9YhO4G5STkhNVEORoRb2vWmGRR_PfXRuOAMVs01ezSg4edtyQaFSai2__oWjtIbA4PFid0gvakwYGIJVULCNUj3xAfhuuncT1yVD-DL5s9WSunPqVGHTtvmJfh7IAIqI_SMO86dPY1bqYGA08dzVkzn-juXbCdVI6mCyGrZZ8i4c6B6yjddlpaD5Y6M4vx-DcnWlI2fWwESDK73Gg3QLocFR2d74-emxkj4lvzV08SELlyRqZXyshupBNr-J2m1onQhyS4tz7jjQpi8WO3ZYKQLspQkoDnsPHTYwu8pfduMot92A_0sjaRHtoGrAFs7Hexxn1ap3z2ruP4rIHhQLZEFmp04VR-DGhXVF4vfRrfQwpa612nCUgwMKAnOF_rmS7wGFKX4ptNDgaSD7lPrUkjknAyLzpKCugeKQCS6y9Qm0ODGtb11dB2rLYDj2FrMP-Q9Lg0RdWdOu2WrFaYuDgZ9pgsDHALRZui8qstM-xR1eHRt_JYq99Coc_mVIxpUy_kiFdbJKbMovZaUQWWKVydq2QqgHiF2wep0sd9FF3ALwtp5C9965S_j6ZjfL3g_RG5Ov_sK-1pYYcWTIrT81bqBFtfEkzEr3wROjkuIc8Ls0M6tXTyE6gEQh6HXTjQVkr_FtyMYl16tSweCtfEMQe4QFPIu63bDRpSfKFi-ZnnohDAiUZVQoi80GmTel2dFL2fQVzSSFAlvsLRZDsI6HD-LBcMRU-KmXwhM4accbMeDTEmVwQeXyiCof8So6lYNtNQHYJxlVRpuWFHXXT3tR3SV9TSbtqlmpWg_zfRypojjtDbfYa-49eiBClkfwj-qu-o4czCaz1i-9BhI_XfL9i8hiwbYDXNcv2XO0Gll6IDDA2VOrN6Bep7AXYgoCKtxkRNxVth-ocm6NjaRoBCqoKSZfoGe8pLwf-OCKVtEJiXxg1R6aeQPJXPcnoYCb-EZs-jZnHIiMqe8kqXbixzx7qLHrvcf8g6gCRgXjh-rFPeyrRHAsAZnmnssJdtxLjrZcRtevEBeBJ4d_fC9xEeBdgLJTDLqSYTiDpyRLT4louJ8UKw3J9HWmmX4Rdg5y0PdINRsaKtFjAHYMkLjFbMOBZ-jyHm5mremYG1qazz_OhJQiOxsQvnMGifkEMi_KE4NHSuAM0WVj0pW00h8GSslKwVQEylHLujtAC_cP8lIMhgo2rHY4E55RvT-P2FDRxW_lRAfCupFf35gFWcZ95aHPoDsP6AQeAxto3n839Eta3pVIsrEWN2cu-hpjcIDjv_MvfQtVEHyw0GFdk93Bh-3ERSzejk02P5ej-VJJhhfcSsJPtAkMpqkZZxmCVgFcNuVjmFQUMc1UU2Ju0py_9kc55Tuimq1_xqzJLn9Cga1XA1MyYy33ydcwWs7EfeQxq64zMxXtmJ1m7AA4iXYza4TnAvfwiZt2O68Dst3n8raDWnH0oDzC0xCYdpPi9TlbLirIQCsf8IA-uXa3W-ZRFyvmDDRkkM1HZeqXvPHC5pgNrUIEvg4mo4zgsz6DTGcwkJrWjbHXNoRpAOSIT2Hx9Vl5sSblcLNtaYGprYI1pFy_ZgBqxkQyMgEXpCiL_ZjFD9vPpzdirZoYl9pXu-BMj1nMO3U6xvIMzPB-DZL05OoQTBfFhCS94MmcjikdXBud-G-W-hjzfcGB-euI5fv6drZqNTwMscWsOeU4dVS-umPkSqS18PN68hxj3Say1B6UuFQfoKwJ3iF0ENivzuqwxUc77AGyEOGIWdUBogg5WbX3Qhw_YawSs6GI5sn1k3POkVpTM8VdEpyvustSd1TjphjPKnSh5H88f90LocZbF_B-bQtpOYjKwObbmNbBFI_CAuVwy_6rtrIRvLdoTcDVnti&pr=13:Y6brnQAAAADNuAmF6qpDhPL3p0qJED2vJz1u7g&cid=CAQSGwDq26N9I0-lRg4NXZ_jqIVX2ZxRroCrwbCbxBgBIAo&rfl=1%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 11:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:46:28 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.yyzzbaby.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yyzzbaby.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
37 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455065715707127&correlator=1889913127272053&eid=31070872%2C31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=21622890900%3A22823849970%2CSG_yyzzbaby.com_pc_article_anchor_970x90%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=728x90%7C970x90&ifi=5&adks=390099101&didk=590274415&sfv=1-0-40&eri=5&cust_params=url%3D%252F%26ref%3Dnull&sc=1&cookie=ID%3D063d8549da2ec36e%3AT%3D1671883677%3AS%3DALNI_Mah_MM0gB9B42eIIS4Z9oVuKH1ZCw&gpic=UID%3D00000b97ec4af742%3AT%3D1671883677%3ART%3D1671883677%3AS%3DALNI_MazEHmG0MMzfNW-fCupP09-h2jL2A&abxe=1&dt=1671883678286&dlt=1671883676061&idt=978&adxs=0&adys=4&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yyzzbaby.com%2F&frm=20&vis=1&psz=1600x-1&msz=728x-1&fws=128&ohw=0&ga_vid=285876916.1671883677&ga_sid=1671883677&ga_hid=358926428&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYvr-hoNQwSABSAghkEhkKCnB1YmNpZC5vcmcY0MKhoNQwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGL6_oaDUMEgAUgIIZBIUCgVvcGVueBi-v6Gg1DBIAFICCGQSGQoKdWlkYXBpLmNvbRi-v6Gg1DBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPbCoaDUMEgAUgIIag..&cbidsp=CrABCAESDgoIYXBwbmV4dXMQXiACEg0KBmNyaXRlbxCZBCACEg8KCHB1Ym1hdGljEIYBIAISFAoNc21hcnRhZHNlcnZlchCpASACEhQKDXNtYXJ0YWRzZXJ2ZXIQqQEgAhINCgZzbWFhdG8QgAEgAhIOCgdydWJpY29uEIUCIAIYAiIkNzZkYjVjZjAtMTA1ZS00OWQ2LTkwYTYtZGMzMGMyN2I1NzdmKgQIAyAASgBA0A8.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14f01a2aacbbf6e8a1c478b6ec257753335ebafc85e9648bc98e4aa8fd182150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
211995
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17441
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314490
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
57 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455065715707127&correlator=1889913127272053&eid=31070872%2C31071222&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fifs&iu_parts=26001828%3A22773855754%2Cz1_dfp_ron_display_companion_b_pre&enc_prev_ius=%2F0%2F1&prev_iu_szs=234x60%7C300x50%7C300x60%7C300x75%7C320x50%7C400x20%7C450x50%7C468x60%7C728x90%7C320x100%7C300x100%7C970x90&ifi=6&adks=847536670&didk=1850812150&sfv=1-0-40&ris=1&rcs=1&prev_scp=site%3Dyyzzbaby.com&eri=5&cust_params=url%3D%252F%26ref%3Dnull&sc=1&cookie=ID%3D063d8549da2ec36e%3AT%3D1671883677%3AS%3DALNI_Mah_MM0gB9B42eIIS4Z9oVuKH1ZCw&gpic=UID%3D00000b97ec4af742%3AT%3D1671883677%3ART%3D1671883677%3AS%3DALNI_MazEHmG0MMzfNW-fCupP09-h2jL2A&abxe=1&dt=1671883678289&dlt=1671883676061&idt=978&adxs=436&adys=572&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.yyzzbaby.com%2F&frm=20&vis=1&psz=1360x562&msz=728x90&fws=0&ohw=0&ga_vid=285876916.1671883677&ga_sid=1671883677&ga_hid=358926428&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYvr-hoNQwSABSAghkEhkKCnB1YmNpZC5vcmcY0MKhoNQwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGL6_oaDUMEgAUgIIZBIUCgVvcGVueBi-v6Gg1DBIAFICCGQSGQoKdWlkYXBpLmNvbRi-v6Gg1DBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPbCoaDUMEgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a8101f11114ca87d824533fb4736871a34d4987a07e9c327c6365e3fed667e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.yyzzbaby.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame 4189
170 KB
54 KB
Script
General
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1369578
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
h7LJuLC9w2-bJB2OeFtxYbmK2-8nq444hfrkES8-1SumbpHUJYxosg==
/
servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/ Frame 1E0B
1 KB
1014 B
Script
General
Full URL
https://servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.yyzzbaby.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.yyzzbaby.com%2F&gdpr=&gdpr_consent=&cachebuster=582153.1840354899
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.57.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-57-2.deploy.static.akamaitechnologies.com
Software
prod-xre-app9.frk11 /
Resource Hash
9c0bb96e373b6b52fc25ec3cf9688542c2a2e28b96abcdb174e3d9b3b9a1b737
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app9.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
641
Expires
Sat, 24 Dec 2022 12:07:58 GMT
j-6882479-4082875.js
cdn.flashtalking.com/xre/688/6882479/4082875/js/ Frame 4ABF
86 KB
22 KB
Script
General
Full URL
https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.yyzzbaby.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.yyzzbaby.com%2F&gdpr=&gdpr_consent=&cachebuster=572249.2376969124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
24290643ea43476bfa1726627006849784d64855ad9aaa0ab8d71126f3e1fdf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
519C302MT4JP1840
Connection
Keep-Alive
Content-Length
21349
x-amz-id-2
PzAngNj+sej2trA2HjGV6WsWkaOCYLoX/YI8/Oi0vansF1fISTJ+ABsCTje9uH5HpVH+S6mi8zg=
Last-Modified
Wed, 26 Oct 2022 11:21:21 GMT
ETag
"1666783281"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883678.dop002.am5.t,1671883678.cds321.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
si
googleads.g.doubleclick.net/pagead/drt/ Frame D168
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:58 GMT
expires
Sat, 24 Dec 2022 12:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A192
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:58 GMT
truncated
/ Frame A192
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e1be6d7aa07838a3596867380fb111875bc6e1be4fe1862d6563446748d87bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4189
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
576203c50b573fb2c705bfe9f0789e676d66d0d597cb11ea0c7ac4bdba4845d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
r
eb2.3lift.com/ Frame 4189
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=45304938713870492186720&rev=2369ca4&pr=can%27t%2520access%2520top%2520document&bc=0.07&bmid=5989&biid=6021&sid=90590&brid=470044&adid=452993925&crid=93055951&ts=1671883677&bcud=70&ss=5&caid=0&unid=0&domain=232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.yyzzbaby.com%252F&rr=creative&fid=10&rb=0&g=0&cb=75633
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame 4681
26 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 4189
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 08:16:07 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
445912
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
22cwmJDnSZ7JsUZHavyTziFlhP6LWgfJb1e_e0KJ_jH0-kfDYgHD-w==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 4189
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 07:10:32 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
449885
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
I9WbYUbUaiLdUgYafeEKAS_wbPScWMzJ22QESO8DfG5FJucSYpaB1Q==
ctar
eb2.3lift.com/ Frame 4189
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=45304938713870492186720&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=31080
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 16B9
261 B
122 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNUXUgpWdAY5nJ2OyJ_oCNnq5wmY2exGQ1W1e_Hz225RP6yUW6-MEaMv-0q6vTTK7ATMxb4-jvxr0Ce-TICYa8iatazLqWXqc3i6JP9bTN2cs7v_M50n4DrJDeOqFHFoqLBCx_aIOayqh9aRldwBB-PRS8uZOOlYmf3LE9sbdIHxkjbnveg
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D590
17 KB
12 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6ZLEkDsC5uHMamJgyN-8ZQgB6hUI0NvcEFk1swd3e9AIYZn_VX_JC5QTL52u7w2hvfSLgXu_AxA0b3-kpgMOKc9zyZZH0jtCWI84-2iMsfdzJzBfGDX0aog0_GU94VOMjptPFwDBHr98sQ7we1vpNP9N5nqTXwmvtcSIRqgKt7Ea2Dak&cry=1&dbm_d=AKAmf-Bz35HnbD6COWeFMquv3p7CRy0nnona1xopPnOD1P45E81r7YxZ3puTK0QLhgJ26K_8udukYExAK3rzLk-vJCYed4ir3lSzPRFiygTNDUwUwTEjln8Y_U4bGlFB-dV6moKnebicRN9r9h38GuS17jI8mm04CV4VZ1rsin6pq6uNNww5fzkNWK9d06CgpcTGRaUBOQkY5oiaMMwxOlzBMnw88znnmCt-pVs6u-btbZBgCHEqRXB-C7FktyllwGTBZ19iQX3F7z_-F9k74WF1UeIFEdNOACy6AgXSZw_spioZm2zux1L8m-Kp0coawalBiYPwtEuaEVvWenmLlkHR41fYKLWGew6pI8j96VhzDxkQQt-KDajYuxAiaEIDiWSCOd3r0frZjtvzIxg7Ca54Bc_9gU8sYzWyfNAVds3oRrqiZjWkQ6aY3L-aG7XYCAAUl6mjMz9-QF1pnvRY0H6nFn5LH7lJ3AOLSiZ133nTLSwrwCi-CH-T90KG3-U8Feqt-nr61ALQvmZri9UocLCnWCZiNHmvxE7WaXeq6DpiZhJDFKEfMoVcdhN0UXc1h9c3ZST240EN7LZOtGntk1dQN5EXFYuJANwa1G8VuPG8HvRpHS6Aoi-4KD8OaSd_KzqlZF8kvMNs2COwl9kb0bJSv7PMlJ0osz9y27VBwgryItdwAZ2ZpyrtvR783ilapr8oXHrPjlcgspO2r4skCzZ1pmCkiLAzx2eAqM-69LPxYhAP5nHhk27F2c_EbSzBjW-G1RnYriIJ-CHKnzzuMpBO21sqcnszcv1urW8DypX2xkuzdmDkcs3S_Czc9Yrg8LH_RnwpUxlo1AW8beFwcsdkS7L5eRcJwOMi29S51D_WdrcOc5ujaHb8smrJorrPORa9AspDUePB7DXO0j5HlEzfrIMAi-bHXVeT7-leKgo8oGiiTtHsPY36RCJppgUYRkKb1zp_zSIkwx75z_BIGGK1KeHdtam6sQjuYFwb_8ZmX98piUzBxasuiyWno0deCAz8DV8CgfdiQc3g5e-BDC5S_Djj1cBm53Zeofip_g0aJ-FQleC0xWMJmUEcaUY6hAXsnIZZOzXUc67dhwbVoGF6j8tePGUz48X9bupNPIbegOEOSJaEkbpstbAhENz2mVPg4Kbd9PxZD6tWH8sujjKHee0fYPAuQILRqjPfbF9Re_ItYfj_j7AKVWAiYjwQ51xnKodinvolt3Elr5pLfOS51P0SnAl-IYzxsXREJzMDMvT2B24zw2HPObyJzGjkk8bhSsOeCn20pZGXomV4J4t2ErKXC9TBIwp7aoCUtutaLrJqT7kdlQ1EMDy42w0HBNRfikfFqfHAeMUosMSVxZ6byHPz2VReMCCqsQCUOcANtbLBFiA9ZrfCQWusSS6dJzGfwPhoUmHqYDD35Y7IzH-1HjAZZViQ5w2xJ-HABsyUWAeKUqABBchzC_DM2Y6SUcNjrILuPEM9wJ40Updu0N-Z37lL2Y1TMVxPs9sX36s6-ENccs6rT8YKX9aq8P-mMLj7DOMPQ6GRAHCCMnVVafTFOQnQNKswfXZqQTlZxlMS9LnpdtyzCCd4rTXyixAoI3P28CHOf5NBN9f2YlcrlSxqgjNlHo5sRltMIA2QzJfGFmddxTBuTHp6sr7TtqZOIyU0XQiWQADtfPjNASGSlqbOulIyX-fb9NuOPNigiBRSOWVSt_WWfE4x7vrUuJdu5OIq6DmGxoSz6bblhgMq-tWtJ9p9uRZ8iTAgl02eg8xxxJ4vliXxjLA8ktjbUhWFmL1lkVC39zEEzXHlnWddFLX419pouDOlcGQGlBWU_AMmoOVPnXM4zJW3A-wxeytkgqMgNlqeHdnG5TwR4-BgOi1YmMC7dYYsJFFTuetNSIUzJFio2sfZweUldm9y2BlkTA1JYRJ2BSmteJ9BBe3TNsl-JZMQ7ttcy5HuC1IjudWDQo5dGz1zuTh10NSEDJWVv74ZT1tHx3LkU2wQL7uwGaUVyioXzuCVf_X5v2tivBMGMegYOE6nwBPemOm_cOIRBBe03HuyfebQTgPuC5R02CdyGFie7wp3_49rk8WFwIBEtGi-upRZXLZr2qAwkicPEvPi0RCCl4l5OONXQA3k3zcT75NU-YAT-_ScpVuWCmnjsTngu0Q1CQFGIEf9JYYY7jY4yVbIwAB7d6DSO6uU1dG7d9VUScTccdH5BBDR7hiwvy8szNaywZMMEonuNLmcUCnslroT1iNDkGw6EsM92XP9F5C4rDTCdTKgmADyxUZj4xInGO1oVmusaui4HaEjtiei1q50TwlUaVKOQ_pSjRMlJLKW4TR8Q91a2ciDDTiBTIK0aTzPral9ZqQGZFmmvYv0gj-d6Y5QeNlxNljRqhUUsit9DFozK22bbwq1kegPCEHM_yhr5ao75OIi0Jfbe3pONo12GC2a5naynUPiulLVBevoenDX1kGLgUIC3A93ch7AdJAW6YcyKTgln5rClpFzgYV0a7Z7Ll2dgeLQ4ZhDHXflyBiLyjiHOrK39hrec9SwNaMNhKTWKNz5QXJDlfbYx6V69WM1Wd7drQr1MfR1lXAbkiszv5aTY6urPuRJrLeoXIaEnTkwlN_MnZUvEJllcfVC6Wnf89__bbpBVnoObzhuIjaj_sXQ0kdlt9WzsT2YQ_3qudSRz9p8FK1LxOU_6Z7JepkZBlkGWKi_B_3OSw2eI6AGdx92Teg5YMPQ3CcZL1vhkC5i8TQystDU3jOPrZ_WkCtP_6AjJut0xUaeXDAN_WMIIxkF5hmhAHbedEdBIpsqEXRpypKmLkja2699Ge4op2k2uxffNyKxIbnqvzRjEZ1DlOwHIFy7RNIRGMlI4G9hjTT6AIUMl1iLEZkxmj0hMUL2CMdYUSO76kjhpxLWePITHcn0jODgVgSKgx42lvRhnqWkKewai8h_zvsf2rTeLowuOfKPsmfoPC7NsvyIsngSYPrAw4DnTQxMkgnNgpMEOjYaiLf_88_VBmYU0hOdbZ_x6jfpeBQU9xVX9vjZktvBR1U1DgeVvbNQwmIQRR3G5_-7LfCtjRfgLjJ7NboLR2CoubrU9x1c8N3iN9xGT9juwIM-URC7ktqywuqcFQZIyYhk5F-i7w6t89QiU8PXJ8dGH38f_kBCdPivfBzYM-iAgLlneY3vz7wZ_Wofmrq3cBpn0JKLDH_YAdHLgWZ8aob11DlQg73uN24Edu1dPm3TqyOFsDiE8bjPkqB_-hWtNDg4n51FXt1dQYv6YOfOmnt4aBjXDb1n9H5yyLNDmtEHBXd-txT_QfZGgA23ywgODoyIqExkU4EXiNfvbMRQqSfRuSBppsj-z403X_JshnQ1IWASw6ZJt7Nf_AvehKBUxzGletejDu3pDY-z-zprw2kxTfgrGW55rpGvmcXxsAyoVZXYOQp5Nrlyzl44tZOsH3D27rXMPwmQpI84DDTiJIK3SssZzV7l2hwn9qa8cNKI80XN2l66cIS_VDzdXBZRuMRRid14K3E4MerE-etu6zB_0_zNHtn_nTqmzk0kNFRcB4LL6Q6RfTx0OpDPjUyzYZtiB9XZ1E14u8tF3biWxIMA&pr=96:0.07&cid=CAQSGwDq26N9DAWeBsibWYRpyS54r2mJwXti1_AzmRgBIAo&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83768c7f0d6eb72f1cb72d0a5d1f9ae35d315c79c16e3dece2db317497c3bb49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12160
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D590
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DKcUKSs5PFIAhNx9BtgC4q_dam6JmBmimdciAhO_m4OFhK-gsS_VMJWQaqkWzKRNGpPhfPGtoS1G2GCasywJiMp7mUmHWfbjVmfyb1W0po8rGbSuY
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aop
eb2.3lift.com/ Frame 4189
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=45304938713870492186720&rev=2369ca4&pr=can%27t%2520access%2520top%2520document&bc=0.07&bmid=5989&biid=6021&sid=90590&brid=470044&adid=452993925&crid=93055951&ts=1671883677&bcud=70&ss=5&caid=0&unid=0&domain=232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.yyzzbaby.com%252F&rr=creative&fid=10&rb=0&g=0&cb=70300
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
moatad.js
z.moatads.com/triplelift879988051105/ Frame 4189
319 KB
108 KB
Script
General
Full URL
https://z.moatads.com/triplelift879988051105/moatad.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fdd88d8f9b0e927dddc8f28d03d72cf29f41abf5e3ca3cb7f40902904754e1c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:33:00 GMT
server
AmazonS3
x-amz-request-id
6QT6BQJYS7DKPPS3
etag
"c6a8f0d27b34e978dc7dd009e038e3ff"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50150
accept-ranges
bytes
content-length
110563
x-amz-id-2
qWabodk6N7jUh+lLEEmQJ4kw9JKrtwrCnuUo/hnPfe+td7curWz671IK8hkG5UGxygq0Eo8s3hk=
tpvpx
eb2.3lift.com/ Frame 4189
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/tpvpx?inv_code=adasia_allpublishers_display&aid=45304938713870492186720&rev=2369ca4&pid=39761&unid=0&vid=1&sr=10&cb=16024
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
j-6882479-4082875.js
cdn.flashtalking.com/xre/688/6882479/4082875/js/ Frame 1E0B
86 KB
22 KB
Script
General
Full URL
https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.yyzzbaby.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.yyzzbaby.com%2F&gdpr=&gdpr_consent=&cachebuster=582153.1840354899
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
24290643ea43476bfa1726627006849784d64855ad9aaa0ab8d71126f3e1fdf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
519C302MT4JP1840
Connection
Keep-Alive
Content-Length
21349
x-amz-id-2
PzAngNj+sej2trA2HjGV6WsWkaOCYLoX/YI8/Oi0vansF1fISTJ+ABsCTje9uH5HpVH+S6mi8zg=
Last-Modified
Wed, 26 Oct 2022 11:21:21 GMT
ETag
"1666783281"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883678.dop125.am5.t,1671883678.cds321.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
css
fonts.googleapis.com/ Frame 3FEE
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 11:10:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 12:07:58 GMT
7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 3FEE
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 15:18:04 GMT
x-content-type-options
nosniff
age
74994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 15:18:04 GMT
0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 3FEE
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 23 Dec 2022 14:44:18 GMT
x-content-type-options
nosniff
age
77020
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 19:23:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 14:44:18 GMT
undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 3FEE
0
0

Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F11B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
174082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 11:46:36 GMT
expires
Fri, 22 Dec 2023 11:46:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F16F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
174082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 11:46:36 GMT
expires
Fri, 22 Dec 2023 11:46:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame DF6F
0
176 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 24 Dec 2022 12:07:58 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame F11B
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 10:51:16 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame F16F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 10:51:16 GMT
main.html
cdn.flashtalking.com/170119/4082875/ Frame C53D
5 KB
2 KB
Document
General
Full URL
https://cdn.flashtalking.com/170119/4082875/main.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
404e8cfc4fc8d0f06b1f744aa470d001d26f2daaca3a9a9b1072f509f09557f6

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1245
Content-Type
text/html
Date
Sat, 24 Dec 2022 12:07:58 GMT
ETag
"1666279717"
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883678.dop125.am5.t,1671883678.cds265.am5.pr
x-amz-id-2
ulgMNODlL09oBXq+P5WG5g7RN0hkt+UIa0fHlrOSXeiLfepccU0K1NlOVwomJKldvKMx2QzCZvc=
x-amz-request-id
TBAVW95DGW0ME6NE
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 1E0B
17 KB
6 KB
Script
General
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
5JEN1G2HHBZAFAX9
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
7o83El6FaoLMYk+ZUIWjObz6Hlgy0W9+sXyvvHp4lTH6ulOYBpDzHQG61cLfMwd9u32n1LWywzY=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883678.dop002.am5.t,1671883678.cds223.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=41735
Accept-Ranges
bytes
ai.aspx
m.exactag.com/ Frame 1E0B
60 B
60 B
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=57&extProvApi=128875&extPu=15874&extLi=195196&extPm=6882479&extCr=4082875&rnd=925078420
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Sa, 24 Dez 2022 12:07:58 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
977
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1E0B
Redirect Chain
  • https://red.vtracy.de/img.tr?tr_adid=k195196_s15874_p6882479_c4082875&tr_div=ftdiv6882479&tr_sync=true&tr_mid=5471457E13125D&gdpr_consent=&gdpr=&tr_uid1=FT&&t=878005206
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=fal...
  • https://red.vtracy.de/tr_cm?v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678581&tamgdpr=&tam...
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-25bc84e2-726b-4108-98f2-63755cb83e60%26adid%3Dk195196_s15874_p6882479_c4082875%26userId%3D%25%25COOKIE...
  • https://red.vtracy.de/tr_aa?v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&userId=7180685719748933776&tr_timestamp=1671883678809&tr_run=false&tr_ttd=true&tamgdpr=&...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brngYv7y4zRL23E44s5AAAAIA
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brngYv7y4zRL23E44s5AAAAIA
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Server
Apache
Vary
negotiate
Content-Type
text/html; charset=UTF-8
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brngYv7y4zRL23E44s5AAAAIA
TCN
choice
Connection
keep-alive
Content-Location
tr_aa.tr
Content-Length
0
main.html
cdn.flashtalking.com/170119/4082875/ Frame 6AC3
5 KB
2 KB
Document
General
Full URL
https://cdn.flashtalking.com/170119/4082875/main.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
404e8cfc4fc8d0f06b1f744aa470d001d26f2daaca3a9a9b1072f509f09557f6

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1245
Content-Type
text/html
Date
Sat, 24 Dec 2022 12:07:58 GMT
ETag
"1666279717"
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883678.dop002.am5.t,1671883678.cds265.am5.pr
x-amz-id-2
ulgMNODlL09oBXq+P5WG5g7RN0hkt+UIa0fHlrOSXeiLfepccU0K1NlOVwomJKldvKMx2QzCZvc=
x-amz-request-id
TBAVW95DGW0ME6NE
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame 4ABF
17 KB
6 KB
Script
General
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
5JEN1G2HHBZAFAX9
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
7o83El6FaoLMYk+ZUIWjObz6Hlgy0W9+sXyvvHp4lTH6ulOYBpDzHQG61cLfMwd9u32n1LWywzY=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883678.dop152.am5.t,1671883678.cds223.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=41735
Accept-Ranges
bytes
ai.aspx
m.exactag.com/ Frame 4ABF
43 B
1 KB
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=57&extProvApi=128875&extPu=15874&extLi=195196&extPm=6882479&extCr=4082875&rnd=934659695
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sat, 24 Dec 2022 12:07:58 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Sa, 24 Dez 2022 12:07:58 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
977
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4ABF
Redirect Chain
  • https://red.vtracy.de/img.tr?tr_adid=k195196_s15874_p6882479_c4082875&tr_div=ftdiv6882479&tr_sync=true&tr_mid=54719E56D09C10&gdpr_consent=&gdpr=&tr_uid1=FT&&t=270578767
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-91ae40c2-72ce-4a83-9346-af7741764818&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=fal...
  • https://red.vtracy.de/tr_cm?v3=vi-91ae40c2-72ce-4a83-9346-af7741764818&adid=k195196_s15874_p6882479_c4082875&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678580&tamgdpr=&tam...
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-91ae40c2-72ce-4a83-9346-af7741764818%26adid%3Dk195196_s15874_p6882479_c4082875%26userId%3D%25%25COOKIE...
  • https://red.vtracy.de/tr_aa?v3=vi-91ae40c2-72ce-4a83-9346-af7741764818&adid=k195196_s15874_p6882479_c4082875&userId=7180685719751489690&tr_timestamp=1671883678809&tr_run=false&tr_ttd=true&tamgdpr=&...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-91ae40c2-72ce-4a83-9346-af7741764818&gdpr=&gdpr_consent=&request_uid=Y6brnn3qUHDHmqeNYlWn1wAAAAc
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-91ae40c2-72ce-4a83-9346-af7741764818&gdpr=&gdpr_consent=&request_uid=Y6brnn3qUHDHmqeNYlWn1wAAAAc
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Server
Apache
Vary
negotiate
Content-Type
text/html; charset=UTF-8
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-91ae40c2-72ce-4a83-9346-af7741764818&gdpr=&gdpr_consent=&request_uid=Y6brnn3qUHDHmqeNYlWn1wAAAAc
TCN
choice
Connection
keep-alive
Content-Location
tr_aa.tr
Content-Length
0
usermatch
ssum-sec.casalemedia.com/ Frame 6813
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e802d6d22630534638a9dea69680e613749c3fd9ba8e43d03ff573122e1fb6a4

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e9383f9a472bac-FRA
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 12:07:58 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH4IGQD0wsOYKg%2Bj1%2F4LjlOyAgRgUDNJjy4YWjGt3mlXCNbACWjcz6RPk0MY%2FP1QHgGNwQPB%2F0mJSlzaMnBTGnHYwSnIVMShvyrZXyaDp%2F827qe4qRxdgOc7CV9xTE4kjOPcppadoHgayA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e9383f58385c1a-FRA
content-length
0
date
Sat, 24 Dec 2022 12:07:58 GMT
expires
0
location
/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Bs68SN6nllF4d8gxHhAciR2OkFaR6AZcTQVvCBtKUQ6un2gnuXOO%2F%2BoqjVXde7GWtTOvmf%2FwAENbc50j7UuROo1EE9XV6U0GogEqtDzFE31GCenYW%2FOeanPlsHh7QpbDDlhnybn5u11nw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 1E0B
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1616a86a0e40e78fe8337e37e8857cdcbd5904d9db0bd407aa7cf68a24940e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
showad.js
ads.pubmatic.com/AdServer/js/ Frame BF6D
38 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86431
content-encoding
gzip
content-length
13968
content-type
text/html
date
Sat, 24 Dec 2022 12:07:58 GMT
expires
Sun, 25 Dec 2022 12:08:29 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
m
ad.yieldlab.net/ Frame 16B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
0
525 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNUXUgpWdAY5nJ2OyJ_oCNnq5wmY2exGQ1W1e_Hz225RP6yUW6-MEaMv-0q6vTTK7ATMxb4-jvxr0Ce-TICYa8iatazLqWXqc3i6JP9bTN2cs7v_M50n4DrJDeOqFHFoqLBCx_aIOayqh9aRldwBB-PRS8uZOOlYmf3LE9sbdIHxkjbnveg
Protocol
HTTP/1.1
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Fri, 23 Dec 2022 12:07:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEBF3mM1ujAfDxbDSLZ1uVRM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 16B9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
43 B
162 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYhceA2AEwAQ&v=APEucNUXUgpWdAY5nJ2OyJ_oCNnq5wmY2exGQ1W1e_Hz225RP6yUW6-MEaMv-0q6vTTK7ATMxb4-jvxr0Ce-TICYa8iatazLqWXqc3i6JP9bTN2cs7v_M50n4DrJDeOqFHFoqLBCx_aIOayqh9aRldwBB-PRS8uZOOlYmf3LE9sbdIHxkjbnveg
Protocol
H2
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEMid7a0TfhBosrJBS8-D8B0&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4ABF
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e6de88fab8d42c6d2cd1463bdfc7c04ea208984c2bd4001da3a567c169cb1ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
n.js
geo.moatads.com/ Frame 4189
84 B
258 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=275522191&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiIrBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.yyzzbaby.com&lp=https%3A%2F%2Fwww.yyzzbaby.com&t=1671883678573&de=316409543895&m=0&ar=67fa5e2a4e8-clean&iw=b667516&q=2&cb=0&ym=0&cu=1671883678573&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=7207%3A39761%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A45304938713870492186720%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=470044&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.yyzzbaby.com%2F&id=0&ii=3&bo=5989&bd=yyzzbaby.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A403&jm=-1&fs=201243&na=897234427&cs=0&ord=1671883678573&jv=59214373&callback=DOMlessLLDcallback_82630932
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/triplelift879988051105/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.244.204 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-244-204.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
9ed516ef3950eb7cbfa73503874351e8d279279bb013cb6f6e2bda637ead7cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"50565e5e7c36eb94c78fb84dd6848fe0dd881165"
content-length
84
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 4189
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRIPLELIFT1&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.yyzzbaby.com&lp=https%3A%2F%2Fwww.yyzzbaby.com&t=1671883678573&de=316409543895&m=0&ar=67fa5e2a4e8-clean&iw=b667516&q=3&cb=0&ym=0&cu=1671883678573&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=7207%3A39761%3Aundefined%3A10&zMoatTactic=undefined&zMoatPixelParams=aid%3A45304938713870492186720%3Bsr%3A10%3Buid%3A0%3B&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=470044&zMoatJS=-&zGSRC=1&gu=https%3A%2F%2Fwww.yyzzbaby.com%2F&id=0&ii=3&bo=5989&bd=yyzzbaby.com&gw=triplelift879988051105&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A403&jm=-1&fs=201243&na=480251906&cs=0
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 24 Dec 2022 12:07:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D590
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6ZLEkDsC5uHMamJgyN-8ZQgB6hUI0NvcEFk1swd3e9AIYZn_VX_JC5QTL52u7w2hvfSLgXu_AxA0b3-kpgMOKc9zyZZH0jtCWI84-2iMsfdzJzBfGDX0aog0_GU94VOMjptPFwDBHr98sQ7we1vpNP9N5nqTXwmvtcSIRqgKt7Ea2Dak&cry=1&dbm_d=AKAmf-Bz35HnbD6COWeFMquv3p7CRy0nnona1xopPnOD1P45E81r7YxZ3puTK0QLhgJ26K_8udukYExAK3rzLk-vJCYed4ir3lSzPRFiygTNDUwUwTEjln8Y_U4bGlFB-dV6moKnebicRN9r9h38GuS17jI8mm04CV4VZ1rsin6pq6uNNww5fzkNWK9d06CgpcTGRaUBOQkY5oiaMMwxOlzBMnw88znnmCt-pVs6u-btbZBgCHEqRXB-C7FktyllwGTBZ19iQX3F7z_-F9k74WF1UeIFEdNOACy6AgXSZw_spioZm2zux1L8m-Kp0coawalBiYPwtEuaEVvWenmLlkHR41fYKLWGew6pI8j96VhzDxkQQt-KDajYuxAiaEIDiWSCOd3r0frZjtvzIxg7Ca54Bc_9gU8sYzWyfNAVds3oRrqiZjWkQ6aY3L-aG7XYCAAUl6mjMz9-QF1pnvRY0H6nFn5LH7lJ3AOLSiZ133nTLSwrwCi-CH-T90KG3-U8Feqt-nr61ALQvmZri9UocLCnWCZiNHmvxE7WaXeq6DpiZhJDFKEfMoVcdhN0UXc1h9c3ZST240EN7LZOtGntk1dQN5EXFYuJANwa1G8VuPG8HvRpHS6Aoi-4KD8OaSd_KzqlZF8kvMNs2COwl9kb0bJSv7PMlJ0osz9y27VBwgryItdwAZ2ZpyrtvR783ilapr8oXHrPjlcgspO2r4skCzZ1pmCkiLAzx2eAqM-69LPxYhAP5nHhk27F2c_EbSzBjW-G1RnYriIJ-CHKnzzuMpBO21sqcnszcv1urW8DypX2xkuzdmDkcs3S_Czc9Yrg8LH_RnwpUxlo1AW8beFwcsdkS7L5eRcJwOMi29S51D_WdrcOc5ujaHb8smrJorrPORa9AspDUePB7DXO0j5HlEzfrIMAi-bHXVeT7-leKgo8oGiiTtHsPY36RCJppgUYRkKb1zp_zSIkwx75z_BIGGK1KeHdtam6sQjuYFwb_8ZmX98piUzBxasuiyWno0deCAz8DV8CgfdiQc3g5e-BDC5S_Djj1cBm53Zeofip_g0aJ-FQleC0xWMJmUEcaUY6hAXsnIZZOzXUc67dhwbVoGF6j8tePGUz48X9bupNPIbegOEOSJaEkbpstbAhENz2mVPg4Kbd9PxZD6tWH8sujjKHee0fYPAuQILRqjPfbF9Re_ItYfj_j7AKVWAiYjwQ51xnKodinvolt3Elr5pLfOS51P0SnAl-IYzxsXREJzMDMvT2B24zw2HPObyJzGjkk8bhSsOeCn20pZGXomV4J4t2ErKXC9TBIwp7aoCUtutaLrJqT7kdlQ1EMDy42w0HBNRfikfFqfHAeMUosMSVxZ6byHPz2VReMCCqsQCUOcANtbLBFiA9ZrfCQWusSS6dJzGfwPhoUmHqYDD35Y7IzH-1HjAZZViQ5w2xJ-HABsyUWAeKUqABBchzC_DM2Y6SUcNjrILuPEM9wJ40Updu0N-Z37lL2Y1TMVxPs9sX36s6-ENccs6rT8YKX9aq8P-mMLj7DOMPQ6GRAHCCMnVVafTFOQnQNKswfXZqQTlZxlMS9LnpdtyzCCd4rTXyixAoI3P28CHOf5NBN9f2YlcrlSxqgjNlHo5sRltMIA2QzJfGFmddxTBuTHp6sr7TtqZOIyU0XQiWQADtfPjNASGSlqbOulIyX-fb9NuOPNigiBRSOWVSt_WWfE4x7vrUuJdu5OIq6DmGxoSz6bblhgMq-tWtJ9p9uRZ8iTAgl02eg8xxxJ4vliXxjLA8ktjbUhWFmL1lkVC39zEEzXHlnWddFLX419pouDOlcGQGlBWU_AMmoOVPnXM4zJW3A-wxeytkgqMgNlqeHdnG5TwR4-BgOi1YmMC7dYYsJFFTuetNSIUzJFio2sfZweUldm9y2BlkTA1JYRJ2BSmteJ9BBe3TNsl-JZMQ7ttcy5HuC1IjudWDQo5dGz1zuTh10NSEDJWVv74ZT1tHx3LkU2wQL7uwGaUVyioXzuCVf_X5v2tivBMGMegYOE6nwBPemOm_cOIRBBe03HuyfebQTgPuC5R02CdyGFie7wp3_49rk8WFwIBEtGi-upRZXLZr2qAwkicPEvPi0RCCl4l5OONXQA3k3zcT75NU-YAT-_ScpVuWCmnjsTngu0Q1CQFGIEf9JYYY7jY4yVbIwAB7d6DSO6uU1dG7d9VUScTccdH5BBDR7hiwvy8szNaywZMMEonuNLmcUCnslroT1iNDkGw6EsM92XP9F5C4rDTCdTKgmADyxUZj4xInGO1oVmusaui4HaEjtiei1q50TwlUaVKOQ_pSjRMlJLKW4TR8Q91a2ciDDTiBTIK0aTzPral9ZqQGZFmmvYv0gj-d6Y5QeNlxNljRqhUUsit9DFozK22bbwq1kegPCEHM_yhr5ao75OIi0Jfbe3pONo12GC2a5naynUPiulLVBevoenDX1kGLgUIC3A93ch7AdJAW6YcyKTgln5rClpFzgYV0a7Z7Ll2dgeLQ4ZhDHXflyBiLyjiHOrK39hrec9SwNaMNhKTWKNz5QXJDlfbYx6V69WM1Wd7drQr1MfR1lXAbkiszv5aTY6urPuRJrLeoXIaEnTkwlN_MnZUvEJllcfVC6Wnf89__bbpBVnoObzhuIjaj_sXQ0kdlt9WzsT2YQ_3qudSRz9p8FK1LxOU_6Z7JepkZBlkGWKi_B_3OSw2eI6AGdx92Teg5YMPQ3CcZL1vhkC5i8TQystDU3jOPrZ_WkCtP_6AjJut0xUaeXDAN_WMIIxkF5hmhAHbedEdBIpsqEXRpypKmLkja2699Ge4op2k2uxffNyKxIbnqvzRjEZ1DlOwHIFy7RNIRGMlI4G9hjTT6AIUMl1iLEZkxmj0hMUL2CMdYUSO76kjhpxLWePITHcn0jODgVgSKgx42lvRhnqWkKewai8h_zvsf2rTeLowuOfKPsmfoPC7NsvyIsngSYPrAw4DnTQxMkgnNgpMEOjYaiLf_88_VBmYU0hOdbZ_x6jfpeBQU9xVX9vjZktvBR1U1DgeVvbNQwmIQRR3G5_-7LfCtjRfgLjJ7NboLR2CoubrU9x1c8N3iN9xGT9juwIM-URC7ktqywuqcFQZIyYhk5F-i7w6t89QiU8PXJ8dGH38f_kBCdPivfBzYM-iAgLlneY3vz7wZ_Wofmrq3cBpn0JKLDH_YAdHLgWZ8aob11DlQg73uN24Edu1dPm3TqyOFsDiE8bjPkqB_-hWtNDg4n51FXt1dQYv6YOfOmnt4aBjXDb1n9H5yyLNDmtEHBXd-txT_QfZGgA23ywgODoyIqExkU4EXiNfvbMRQqSfRuSBppsj-z403X_JshnQ1IWASw6ZJt7Nf_AvehKBUxzGletejDu3pDY-z-zprw2kxTfgrGW55rpGvmcXxsAyoVZXYOQp5Nrlyzl44tZOsH3D27rXMPwmQpI84DDTiJIK3SssZzV7l2hwn9qa8cNKI80XN2l66cIS_VDzdXBZRuMRRid14K3E4MerE-etu6zB_0_zNHtn_nTqmzk0kNFRcB4LL6Q6RfTx0OpDPjUyzYZtiB9XZ1E14u8tF3biWxIMA&pr=96:0.07&cid=CAQSGwDq26N9DAWeBsibWYRpyS54r2mJwXti1_AzmRgBIAo&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D590
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6ZLEkDsC5uHMamJgyN-8ZQgB6hUI0NvcEFk1swd3e9AIYZn_VX_JC5QTL52u7w2hvfSLgXu_AxA0b3-kpgMOKc9zyZZH0jtCWI84-2iMsfdzJzBfGDX0aog0_GU94VOMjptPFwDBHr98sQ7we1vpNP9N5nqTXwmvtcSIRqgKt7Ea2Dak&cry=1&dbm_d=AKAmf-Bz35HnbD6COWeFMquv3p7CRy0nnona1xopPnOD1P45E81r7YxZ3puTK0QLhgJ26K_8udukYExAK3rzLk-vJCYed4ir3lSzPRFiygTNDUwUwTEjln8Y_U4bGlFB-dV6moKnebicRN9r9h38GuS17jI8mm04CV4VZ1rsin6pq6uNNww5fzkNWK9d06CgpcTGRaUBOQkY5oiaMMwxOlzBMnw88znnmCt-pVs6u-btbZBgCHEqRXB-C7FktyllwGTBZ19iQX3F7z_-F9k74WF1UeIFEdNOACy6AgXSZw_spioZm2zux1L8m-Kp0coawalBiYPwtEuaEVvWenmLlkHR41fYKLWGew6pI8j96VhzDxkQQt-KDajYuxAiaEIDiWSCOd3r0frZjtvzIxg7Ca54Bc_9gU8sYzWyfNAVds3oRrqiZjWkQ6aY3L-aG7XYCAAUl6mjMz9-QF1pnvRY0H6nFn5LH7lJ3AOLSiZ133nTLSwrwCi-CH-T90KG3-U8Feqt-nr61ALQvmZri9UocLCnWCZiNHmvxE7WaXeq6DpiZhJDFKEfMoVcdhN0UXc1h9c3ZST240EN7LZOtGntk1dQN5EXFYuJANwa1G8VuPG8HvRpHS6Aoi-4KD8OaSd_KzqlZF8kvMNs2COwl9kb0bJSv7PMlJ0osz9y27VBwgryItdwAZ2ZpyrtvR783ilapr8oXHrPjlcgspO2r4skCzZ1pmCkiLAzx2eAqM-69LPxYhAP5nHhk27F2c_EbSzBjW-G1RnYriIJ-CHKnzzuMpBO21sqcnszcv1urW8DypX2xkuzdmDkcs3S_Czc9Yrg8LH_RnwpUxlo1AW8beFwcsdkS7L5eRcJwOMi29S51D_WdrcOc5ujaHb8smrJorrPORa9AspDUePB7DXO0j5HlEzfrIMAi-bHXVeT7-leKgo8oGiiTtHsPY36RCJppgUYRkKb1zp_zSIkwx75z_BIGGK1KeHdtam6sQjuYFwb_8ZmX98piUzBxasuiyWno0deCAz8DV8CgfdiQc3g5e-BDC5S_Djj1cBm53Zeofip_g0aJ-FQleC0xWMJmUEcaUY6hAXsnIZZOzXUc67dhwbVoGF6j8tePGUz48X9bupNPIbegOEOSJaEkbpstbAhENz2mVPg4Kbd9PxZD6tWH8sujjKHee0fYPAuQILRqjPfbF9Re_ItYfj_j7AKVWAiYjwQ51xnKodinvolt3Elr5pLfOS51P0SnAl-IYzxsXREJzMDMvT2B24zw2HPObyJzGjkk8bhSsOeCn20pZGXomV4J4t2ErKXC9TBIwp7aoCUtutaLrJqT7kdlQ1EMDy42w0HBNRfikfFqfHAeMUosMSVxZ6byHPz2VReMCCqsQCUOcANtbLBFiA9ZrfCQWusSS6dJzGfwPhoUmHqYDD35Y7IzH-1HjAZZViQ5w2xJ-HABsyUWAeKUqABBchzC_DM2Y6SUcNjrILuPEM9wJ40Updu0N-Z37lL2Y1TMVxPs9sX36s6-ENccs6rT8YKX9aq8P-mMLj7DOMPQ6GRAHCCMnVVafTFOQnQNKswfXZqQTlZxlMS9LnpdtyzCCd4rTXyixAoI3P28CHOf5NBN9f2YlcrlSxqgjNlHo5sRltMIA2QzJfGFmddxTBuTHp6sr7TtqZOIyU0XQiWQADtfPjNASGSlqbOulIyX-fb9NuOPNigiBRSOWVSt_WWfE4x7vrUuJdu5OIq6DmGxoSz6bblhgMq-tWtJ9p9uRZ8iTAgl02eg8xxxJ4vliXxjLA8ktjbUhWFmL1lkVC39zEEzXHlnWddFLX419pouDOlcGQGlBWU_AMmoOVPnXM4zJW3A-wxeytkgqMgNlqeHdnG5TwR4-BgOi1YmMC7dYYsJFFTuetNSIUzJFio2sfZweUldm9y2BlkTA1JYRJ2BSmteJ9BBe3TNsl-JZMQ7ttcy5HuC1IjudWDQo5dGz1zuTh10NSEDJWVv74ZT1tHx3LkU2wQL7uwGaUVyioXzuCVf_X5v2tivBMGMegYOE6nwBPemOm_cOIRBBe03HuyfebQTgPuC5R02CdyGFie7wp3_49rk8WFwIBEtGi-upRZXLZr2qAwkicPEvPi0RCCl4l5OONXQA3k3zcT75NU-YAT-_ScpVuWCmnjsTngu0Q1CQFGIEf9JYYY7jY4yVbIwAB7d6DSO6uU1dG7d9VUScTccdH5BBDR7hiwvy8szNaywZMMEonuNLmcUCnslroT1iNDkGw6EsM92XP9F5C4rDTCdTKgmADyxUZj4xInGO1oVmusaui4HaEjtiei1q50TwlUaVKOQ_pSjRMlJLKW4TR8Q91a2ciDDTiBTIK0aTzPral9ZqQGZFmmvYv0gj-d6Y5QeNlxNljRqhUUsit9DFozK22bbwq1kegPCEHM_yhr5ao75OIi0Jfbe3pONo12GC2a5naynUPiulLVBevoenDX1kGLgUIC3A93ch7AdJAW6YcyKTgln5rClpFzgYV0a7Z7Ll2dgeLQ4ZhDHXflyBiLyjiHOrK39hrec9SwNaMNhKTWKNz5QXJDlfbYx6V69WM1Wd7drQr1MfR1lXAbkiszv5aTY6urPuRJrLeoXIaEnTkwlN_MnZUvEJllcfVC6Wnf89__bbpBVnoObzhuIjaj_sXQ0kdlt9WzsT2YQ_3qudSRz9p8FK1LxOU_6Z7JepkZBlkGWKi_B_3OSw2eI6AGdx92Teg5YMPQ3CcZL1vhkC5i8TQystDU3jOPrZ_WkCtP_6AjJut0xUaeXDAN_WMIIxkF5hmhAHbedEdBIpsqEXRpypKmLkja2699Ge4op2k2uxffNyKxIbnqvzRjEZ1DlOwHIFy7RNIRGMlI4G9hjTT6AIUMl1iLEZkxmj0hMUL2CMdYUSO76kjhpxLWePITHcn0jODgVgSKgx42lvRhnqWkKewai8h_zvsf2rTeLowuOfKPsmfoPC7NsvyIsngSYPrAw4DnTQxMkgnNgpMEOjYaiLf_88_VBmYU0hOdbZ_x6jfpeBQU9xVX9vjZktvBR1U1DgeVvbNQwmIQRR3G5_-7LfCtjRfgLjJ7NboLR2CoubrU9x1c8N3iN9xGT9juwIM-URC7ktqywuqcFQZIyYhk5F-i7w6t89QiU8PXJ8dGH38f_kBCdPivfBzYM-iAgLlneY3vz7wZ_Wofmrq3cBpn0JKLDH_YAdHLgWZ8aob11DlQg73uN24Edu1dPm3TqyOFsDiE8bjPkqB_-hWtNDg4n51FXt1dQYv6YOfOmnt4aBjXDb1n9H5yyLNDmtEHBXd-txT_QfZGgA23ywgODoyIqExkU4EXiNfvbMRQqSfRuSBppsj-z403X_JshnQ1IWASw6ZJt7Nf_AvehKBUxzGletejDu3pDY-z-zprw2kxTfgrGW55rpGvmcXxsAyoVZXYOQp5Nrlyzl44tZOsH3D27rXMPwmQpI84DDTiJIK3SssZzV7l2hwn9qa8cNKI80XN2l66cIS_VDzdXBZRuMRRid14K3E4MerE-etu6zB_0_zNHtn_nTqmzk0kNFRcB4LL6Q6RfTx0OpDPjUyzYZtiB9XZ1E14u8tF3biWxIMA&pr=96:0.07&cid=CAQSGwDq26N9DAWeBsibWYRpyS54r2mJwXti1_AzmRgBIAo&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 11:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:46:28 GMT
/
servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/ Frame D590
1 KB
1 KB
Script
General
Full URL
https://servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&gdpr=&gdpr_consent=&cachebuster=714810.3130742693
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.57.2 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-57-2.deploy.static.akamaitechnologies.com
Software
prod-xre-app17.frk11 /
Resource Hash
af13a30138885d11d6115eefb7429a65d839e96d829f90dde42a37ef9ef0a0d6
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app17.frk11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
681
Expires
Sat, 24 Dec 2022 12:07:58 GMT
container.html
232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7939
6 KB
3 KB
Document
General
Full URL
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:57 GMT
expires
Sun, 24 Dec 2023 12:07:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
cdn.flashtalking.com/170119/4082875/css/ Frame C53D
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn.flashtalking.com/170119/4082875/css/style.css
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
80cfb7e3c871391d862a62cbe884e880054d4eec2a1a9d0584780f71843f61f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
FXMPG4BQQZ7JNZZF
Connection
Keep-Alive
Content-Length
864
x-amz-id-2
BmbxRMk2dQWzhV5IvJjhm4eoQWFZdVuhI0cIDiS0I0rUZzms6n2JwFRqFbBV4QLvo5pKX6bq9/Y=
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883678.dop002.am5.t,1671883678.cds215.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
gsap.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame C53D
56 KB
23 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
AA01DDC7316F7209
Connection
Keep-Alive
Content-Length
22785
x-amz-id-2
AvPbRwuVUg4hJEjjFkOdOz7NjiZ1xJ0F9BiTtj4tVg+tyr8St6jsN+62bFzUdWbW1xHFZ8TQbuI=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883678.dop125.am5.t,1671883678.cds254.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=38252
Accept-Ranges
bytes
EasePack.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame C53D
2 KB
2 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/EasePack.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
06a7a4aaf7d24fe25c456fd70efb10c13a63b0dc9563de6f9278e57ffeaf1549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
7S4G9S6S5G2W8GEP
Connection
Keep-Alive
Content-Length
1370
x-amz-id-2
sfZ1/1iZqI6ukiEP2rg/P7JJytFNCQbtYRQZw1WaH3tqZL1m97sku50ooRgLqoW+bqCvBd8vo8A=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883678.dop152.am5.t,1671883678.cds249.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=82769
Accept-Ranges
bytes
TextPlugin.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame C53D
10 KB
4 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/TextPlugin.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
896065599d162442f45106ffece970d68db172c0b8f671c4cf3c4560ba381525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
F5D31112306F2A8E
Connection
Keep-Alive
Content-Length
3468
x-amz-id-2
HvE1OCie6biGKU+rp2kjn2NadRkFdmnkwa6KkLdMcW4+fq1pxA6uQjVDVD+X90fKJiDyaJjm9Qc=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883678.dop208.am5.t,1671883678.cds146.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=62742
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame C53D
89 KB
29 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
3TC54RGTGMJKGKK8
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
RWhAnhQx5Zmf8utwYsel6rgNDpZgqGkC66Isg/cnNdEq/+ZAHac70lO4wfpY19J+4rFiafM4b6s=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883678.dop208.am5.t,1671883678.cds233.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=7882
Accept-Ranges
bytes
style.css
cdn.flashtalking.com/170119/4082875/css/ Frame 6AC3
4 KB
1 KB
Stylesheet
General
Full URL
https://cdn.flashtalking.com/170119/4082875/css/style.css
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
80cfb7e3c871391d862a62cbe884e880054d4eec2a1a9d0584780f71843f61f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
FXMPG4BQQZ7JNZZF
Connection
Keep-Alive
Content-Length
864
x-amz-id-2
BmbxRMk2dQWzhV5IvJjhm4eoQWFZdVuhI0cIDiS0I0rUZzms6n2JwFRqFbBV4QLvo5pKX6bq9/Y=
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883678.dop152.am5.t,1671883678.cds215.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
gsap.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame 6AC3
56 KB
23 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
AA01DDC7316F7209
Connection
Keep-Alive
Content-Length
22785
x-amz-id-2
AvPbRwuVUg4hJEjjFkOdOz7NjiZ1xJ0F9BiTtj4tVg+tyr8St6jsN+62bFzUdWbW1xHFZ8TQbuI=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883678.dop125.am5.t,1671883678.cds254.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=38252
Accept-Ranges
bytes
EasePack.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame 6AC3
2 KB
2 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/EasePack.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
06a7a4aaf7d24fe25c456fd70efb10c13a63b0dc9563de6f9278e57ffeaf1549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
7S4G9S6S5G2W8GEP
Connection
Keep-Alive
Content-Length
1370
x-amz-id-2
sfZ1/1iZqI6ukiEP2rg/P7JJytFNCQbtYRQZw1WaH3tqZL1m97sku50ooRgLqoW+bqCvBd8vo8A=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883678.dop018.am5.t,1671883678.cds249.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=82769
Accept-Ranges
bytes
TextPlugin.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame 6AC3
10 KB
4 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/TextPlugin.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
896065599d162442f45106ffece970d68db172c0b8f671c4cf3c4560ba381525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
F5D31112306F2A8E
Connection
Keep-Alive
Content-Length
3468
x-amz-id-2
HvE1OCie6biGKU+rp2kjn2NadRkFdmnkwa6KkLdMcW4+fq1pxA6uQjVDVD+X90fKJiDyaJjm9Qc=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883678.dop125.am5.t,1671883678.cds146.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=62742
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 6AC3
89 KB
29 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
3TC54RGTGMJKGKK8
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
RWhAnhQx5Zmf8utwYsel6rgNDpZgqGkC66Isg/cnNdEq/+ZAHac70lO4wfpY19J+4rFiafM4b6s=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883678.dop018.am5.t,1671883678.cds233.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=7882
Accept-Ranges
bytes
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=12&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_mcm&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1592101290
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33903
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.yyzzbaby.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.yyzzbaby.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame BF6D
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47767798&p=157267&s=550805&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:57 GMT
content-length
0
/
ad-events.flashtalking.com/state/6882479;4082875;0;271;C5994A71-C967-E820-38A1-82F5F66F93B8/ Frame 1E0B
0
67 B
Image
General
Full URL
https://ad-events.flashtalking.com/state/6882479;4082875;0;271;C5994A71-C967-E820-38A1-82F5F66F93B8/?cachebuster=780847915
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.112.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-112-146.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 1E0B
1 B
377 B
Image
General
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?224808575-6882479;4082875;0-304-0-5471457E13125D-93532993
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 12:07:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A192
0
0

amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame FA87
221 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
296966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FA87
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
296966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FA87
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
296966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-carousel-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FA87
33 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-carousel-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2cef147f59ba3c90ea2d5a2d4897f9c126b5d71b472d5625cd484fa232ef0c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
296966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10090
x-xss-protection
0
server
sffe
etag
"e045a48636d92551"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FA87
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
296966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FA87
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:38:32 GMT
age
296966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 01:38:32 GMT
amp-gwd-animation-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame FA87
6 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-gwd-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79e86049a33a4706f4e46501c1268f61536aa9ed3943113c308076b2403c53f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Dec 2022 20:55:44 GMT
age
227535
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2457
x-xss-protection
0
server
sffe
etag
"d4430c48bac670ef"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Dec 2023 20:55:44 GMT
truncated
/ Frame FA87
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22c68c3919bc17cc40d16b4f03777eb997258ad0a2c6040099978451a5110ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA87
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 09:39:53 GMT
x-content-type-options
nosniff
server
cafe
age
8885
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 25 Dec 2022 09:39:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA87
295 B
325 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:35:33 GMT
x-content-type-options
nosniff
server
cafe
age
55945
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 24 Dec 2022 20:35:33 GMT
l
www.google.com/ads/measurement/ Frame FA87
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwGjSHxEsWq5V-d2Ti1AW-f4LqHkuh2Mbm8pGZggAIk6o9aL9Rwj1M9lCkFGhwaMMqwWLdSFwCa0jA289JkW06pFrbmw
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame FA87
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CA7jFnuumY_m6Fs7ox_AP8Oa1wAOH15yLbr7z_MmKDdqE2r_AGxABINSAqitgleKQgqAHoAHxgPiFA8gBCakCbH_dryPQsT7gAgCoAwHIAwiqBIcCT9BVtsoLOWzocf1czdx1vquS64SSIBC4ASvGQMDSFio3D4DBF52yRsLog1o0GVtg5UnNJpvvxx4D2YdEj5ygkJEPz7QyOCnL_SIX3fibOIlYPtpZGnai9H19lgJSK75p2gydYA7IgYZX8uXn5JaAibGaxsYHvbhvbtP5Brf7OP62H1eyefMQEvm5u8Ch4-51DI7Ra42SbmwAj_GGh1MDcmeFdhxwOw9Yld00P03bULmBLAEnc7zQyFzz5l9bvfQrAQoV8draXNUdWac6YBIseVmkvZOGJxYFOdmaEV2FCfSgmAoKjoBONTCnAqQfMlDNjjawl6II0wa4tykOhYYypfjRceWFL4jABO_DyaSZA-AEAZIFBAgEGAGSBQQIBRgEoAYugAf3_od6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQxdMq0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwrQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzA5NDY3Nzc5ODM5OTYwNhjEixc&sigh=I4zEINTrKvk&uach_m=[UACH]&cid=CAQSOwDq26N9aBKJT-3W-4dN2qDrfJtMWoj_O6e8u-qOLOlkeeNq2fCmnCAX7KndpQztnQ7UmpOGm1e_O2dLGAEgEw&template_id=419
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ERKENNEN_GER_BUTTON.svg
tpc.googlesyndication.com/sadbundle/9027138811292010428/ Frame FA87
5 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9027138811292010428/ERKENNEN_GER_BUTTON.svg
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ce04a60c063696e0d0f34ecc37268c375958e42be80902801c798311fd9fd34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 04:10:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547030
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1560
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 09:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 18 Dec 2023 04:10:48 GMT
ERKENNEN_GER_L.svg
tpc.googlesyndication.com/sadbundle/9027138811292010428/ Frame FA87
13 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9027138811292010428/ERKENNEN_GER_L.svg
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b3114e86007b6bd1f03f16a0e8783792d324cd4b3fb6905f8c00b21f1faa93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 08:12:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3631
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 09:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 08:12:11 GMT
lead_info_logo.svg
tpc.googlesyndication.com/sadbundle/9027138811292010428/ Frame FA87
4 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9027138811292010428/lead_info_logo.svg
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
312f9a35c3e594216f8ee311d915c5342c50246d4c82eeb62012ca3e1b389eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435338
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1710
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 09:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 11:12:20 GMT
mockup-90.png
tpc.googlesyndication.com/sadbundle/9027138811292010428/ Frame FA87
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9027138811292010428/mockup-90.png
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77820b3fdeb559c7105dc2ea853a959b6452edbb8ee77f840cf9b422215f245c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:12:21 GMT
x-content-type-options
nosniff
age
435337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12854
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 09:30:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 11:12:21 GMT
ERKENNEN_GER_SUB_S.svg
tpc.googlesyndication.com/sadbundle/9027138811292010428/ Frame FA87
7 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/9027138811292010428/ERKENNEN_GER_SUB_S.svg
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66c6a65b77e9a8ba512aa82b3d1f541c10f951539fd72099b10ea52be3892534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 11:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2391
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 09:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 11:12:21 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6813
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6813
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6brngDy3T.SrBxh72BEjQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6813
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6813
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB&dcc=t
43 B
568 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BH6PPWQC2795AZQWZBMA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8APPR92RQX88KFVN52RA
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6813
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989163a6-eba0-4900-882f-4601cb76453c&gdpr=1&gdpr_consent=
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989163a6-eba0-4900-882f-4601cb76453c&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x1 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=989163a6-eba0-4900-882f-4601cb76453c&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 12:07:58 GMT
crum
dsum-sec.casalemedia.com/ Frame 6813
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jOCuwdkt1P93jM5&gdpr=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jOCuwdkt1P93jM5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/4da9b91#4da9b91e1fcbbaec3beafc6ce8a7393d26d4f693 i-0e252bea97934d44f@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jOCuwdkt1P93jM5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 6813
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.135.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-135-253.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
no_match_opted_out
um.simpli.fi/ Frame 6813
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B
Image
General
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 12:07:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sat, 24 Dec 2022 12:07:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/no_match_opted_out
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 12:07:58 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6813
43 B
352 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Y6brngDy3T-SrBxh72BEjQAAFA0AAAAB=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
413
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
77e938411c29bbe3-FRA
content-length
43
expires
Sat, 24 Dec 2022 16:07:58 GMT
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
publishertag.prebid.123.js
static.criteo.net/js/ld/
87 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 12:07:58 GMT
/
ad-events.flashtalking.com/state/6882479;4082875;0;271;51651F52-BE6E-CDFC-979E-C07F72588059/ Frame 4ABF
0
66 B
Image
General
Full URL
https://ad-events.flashtalking.com/state/6882479;4082875;0;271;51651F52-BE6E-CDFC-979E-C07F72588059/?cachebuster=568463594
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.112.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-112-146.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame 4ABF
1 B
377 B
Image
General
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?224808575-6882479;4082875;0-304-0-54719E56D09C10-261505143
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 12:07:58 GMT
ev3
eb2.3lift.com/ Frame 4189
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev3?vid=1&aid=45304938713870492186720&sr=10&uid=0&type=mi&ord=1671883678573
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame 7939
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVdy_nuumY6XDFZbigAfOjoqgDu6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBKcCT9BMOTobK6hjiVbaei4zByCtI9S89usO3MDcCqSWkxtwapml_3JPqNaYU-JdR5F9XogY3DkX_jGWBHZZWgF71t6JyD80pgERH7WoEmYVFXQPH6u6dQPCXHFAvTffv8IfnNNxWx0OVMj0E_YtDuKChA856xdWqXyGMmpp5MV3qGNSIsSeVC_GyTLPq_mWUldwNz1vAfER5VMf3UnqqkhEZsdNMHiH_dLtxbZNXvqXRC47NHdapK_oGHZUiGjkXQQJHKJ9U8qVjNkMAJC-RUObDSx8wffqqioujyatFWLvWr5U8d85KhbRd2k5AujTpT2y1dMz9aH_6Piw-IS1W2DlYYEOAXuV-g-bFJnfR78LT8Mc1f1LQ9YRG4YWBZ-CXIEanMcJuU4TXeAEAYAGr5aU-JvbhIbbAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=Nbr_vrNlUTQ&uach_m=[UACH]&cid=CAQSOwDq26N9lXHuK1J-EFmWYsHGPVZTjStJart2Jz7Z-PvOsrLAbII2bbhufr1Qko13G_dSTENIqXPFjmuSGAEgEw
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

ttj
ib.3lift.com/ Frame 7939
4 KB
2 KB
Script
General
Full URL
https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
/
Resource Hash
d05a47071f5b2ac2126e07bf7a15783be0352bc951138afadb839ca98be00ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
218
etag
"e172245a648144726a3fc351f30b85358a7602b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
content-length
2163
x-amz-cf-id
gBnQSM_MEQlTiYq6mxFkCFW49jkMWP3ONEQY5nBaJDj_P4oIR8b_1g==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7939
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
79755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:58:43 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7939
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
1336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 07 Jan 2023 11:45:42 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7939
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
186462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 08:20:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7939
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:58 GMT
notify
tlx.3lift.com/s2s/ Frame 7939
37 B
183 B
Image
General
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=Y6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ&ts=1671883678&aid=3704257862038289135010&ec=5989_106025_421730024&n=GgDyAskBCAASFjM3MDQyNTc4NjIwMzgyODkxMzUwMTAYACABKOUuMKm8BkABSABQAGAKaABwrbgekAEAmAEAqAEAuAEKwAEoyAEx8AEA%2BAExgAIokQIAAAAAAADwP5kCUrgehetRyD%2BoAgCwAgDIAgTYAgDxAmZmZmZmZuY%2F%2BAKFL4AD2AWIA1qQAwCYAwCgAwC4A6fGAsgDANIDCTQyMTczMDAyNNoDCTYxNjI5NzgxNeAD4LaxDOkDAAAAAAAAAADwAzH5AwAAAAAAAAAA%2BAIFiAMAkgMEYzYyN5gDAKAD0bYCqAMA
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.97.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-97-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 7939
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=3704257862038289135010
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel.gif
px.moatads.com/ Frame 4189
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2F232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com%2F%2Fsafeframe%2F1-0-40%2Fhtml%2F-&i=TRIPLELIFT1&ol=275522191&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiIrBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.yyzzbaby.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.yyzzbaby.com&lp=https%3A%2F%2Fwww.yyzzbaby.com&t=1671883678573&de=316409543895&cu=1671883678573&m=70&ar=67fa5e2a4e8-clean&iw=b667516&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A403&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=50&cd=0&ah=50&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=5989&bd=yyzzbaby.com&gw=triplelift879988051105&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=470044&zMoatTactic=undefined&zMoatPixelParams=aid%3A45304938713870492186720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&jm=-1&tc=0&fs=201243&na=1014858276&cs=0
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 24 Dec 2022 12:07:58 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 30FA
85 KB
18 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2C22773855754%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_yyzzbaby_v_pre_1&description_url=https%3A%2F%2Fwww.yyzzbaby.com%2F&tfcd=0&npa=0&correlator=1010941608838671&vpos=preroll&sz=800x450%7C640x360%7C635x357%7C444x250%7C400x300%7C1x1&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.yyzzbaby.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26rubicon_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=4074809206&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.yyzzbaby.com%2Fd873ed38-2b3a-4dd4-8694-c2485b475164&sid=D03397DF-95F2-41EA-81C3-4D335F81B679&a3p=EhwKDWNyd2RjbnRybC5uZXQYvr-hoNQwSABSAghkEhkKCnB1YmNpZC5vcmcY0MKhoNQwSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGL6_oaDUMEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2liM0ZqYUZJeFkwOVNZVk53Y1VZNE1EZ3hUVWwwZHowOUluMD0YjsahoNQwSAASGQoKdWlkYXBpLmNvbRi-v6Gg1DBIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPbCoaDUMEgAUgIIag..&nel=0&eid=44748969%2C44750824%2C44765701%2C44768716&dlt=1671883676061&idt=2074&dt=1671883678861&cookie=ID%3D063d8549da2ec36e%3AT%3D1671883677%3AS%3DALNI_Mah_MM0gB9B42eIIS4Z9oVuKH1ZCw&gpic=UID%3D00000b97ec4af742%3AT%3D1671883677%3ART%3D1671883677%3AS%3DALNI_MazEHmG0MMzfNW-fCupP09-h2jL2A&scor=793300566850206&ged=ve4_td3_tt1_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
390ecb6c9f6f98cdbef1b99cfab9bfc10223a8ed125b81e4d4cdc64838c61013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17601
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
j-6882479-4082875.js
cdn.flashtalking.com/xre/688/6882479/4082875/js/ Frame D590
86 KB
22 KB
Script
General
Full URL
https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/2/195196;6882479;201;js;RecognifiedDE;PBRecognifiedCCCHDISPLAYFMSuperbannerSZ728x90VLRTCPCMOCulturalExplorerTSADASPD/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&gdpr=&gdpr_consent=&cachebuster=714810.3130742693
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
24290643ea43476bfa1726627006849784d64855ad9aaa0ab8d71126f3e1fdf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Content-Encoding
gzip
x-amz-request-id
519C302MT4JP1840
Connection
Keep-Alive
Content-Length
21349
x-amz-id-2
PzAngNj+sej2trA2HjGV6WsWkaOCYLoX/YI8/Oi0vansF1fISTJ+ABsCTje9uH5HpVH+S6mi8zg=
Last-Modified
Wed, 26 Oct 2022 11:21:21 GMT
ETag
"1666783281"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883678.dop152.am5.t,1671883678.cds321.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8328
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
174082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 11:46:36 GMT
expires
Fri, 22 Dec 2023 11:46:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hg1.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
52 KB
53 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg1.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
eb72b1d68afdbb0f6ba7c0c429624dc01a3017b94fd25de34362ad297dd73f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
N32V0KW1X64N2XG5
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883678.dop152.am5.t,1671883678.cds324.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
53211
x-amz-id-2
ZX1ykZkS3+03BZjc1gSGQBClAUrcFFApLnziTPbFTXf2kO9xegtr+1iUnA8M8yKusZQyyFlDNI0=
hg2.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
50 KB
51 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg2.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
307cc96dc20a8c27c9a8798f07a45e9009dca9a309a852c3e4c7e114f4c1ec7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
ZK4Y2AFWVVFAMJ6S
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883678.dop002.am5.t,1671883678.cds250.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
51428
x-amz-id-2
cNc/hRz2bDWRXQgbgjagfjYdoZM6MagBBdFTb12hFla7wT7XDTEca7H/AvmAgIs64YY/FSzOtYg=
hg3.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
25 KB
25 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg3.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
532db41f5a1087c4787573a9e0605a5981d001eb412aec57cbe7113f8b334eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32XQNNSY95RM735
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883678.dop018.am5.t,1671883678.cds116.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25444
x-amz-id-2
WB0Y0o9lPlH5yo0UWkHGeI8QKnqB7QtnhHP+8MWG81FJ+CtrsiULsgQLl0toEd3Ch1f6D6vbE6I=
logo.svg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
7 KB
8 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/logo.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32H03HAT2T4T05W
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883678.dop125.am5.t,1671883679.cds316.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7500
x-amz-id-2
LvPFG+SknzoB995udj3UO+1GiXn2+iHU5yiVR/j7Ok60HkSdxAZBSFsLxhH9vOUcX1/UWjWteiU=
copyphase1.svg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
3 KB
3 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase1.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2854ee6c8bcefae5af92a25ec828db621fe0994f01e1afa0c3240c9cd8c2b53f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
N32YXZKXCWEA2A3V
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883678.dop208.am5.t,1671883678.cds115.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2914
x-amz-id-2
18zU6u4ujWtPluuB2qx9mqTsT0UTODlpeqa7w5eVMmKfPzAWKOTBnT0iQQ9bD5Ky6mvZV/Tf6tU=
copyphase2.svg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
3 KB
3 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase2.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2f542e969c79b4ae3e03954481a961001a66096a6ca43ba4df2af140ce99bef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:58 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
NE7017MK038ADE1B
ETag
"1666279716"
Surrogate-Control
max-age=1200;hw-h2proxy
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.cdn4-pxy016-ams02.am5.evs,1671883678.cds146.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Length
2604
x-amz-id-2
Cv7oxzPPQjnMN+GDBokhUB9Ot6Q31+c9q608Kl7Dr2BTXGOyMVsYLMnYCaTjTN8b2P4/fCNDrXo=
copyphase3.svg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
13 KB
13 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase3.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a82bf22c844d10d55df025c24025bf464dc175da5f439fa0411cb10e953c4e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
N32TN2YRC2CBRDA6
ETag
"1666279716"
Surrogate-Control
max-age=1200;hw-h2proxy
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883679.cdn4-pxy016-ams02.am5.evs,1671883679.cds015.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Length
12861
x-amz-id-2
+Vkn9Vn9Bx0cBzwtwXy3K+qFq94CQW7puzmruE2tAbrZnaK5kRnRpgfXuMr/+8ro30i9lllsAjE=
cta.svg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
5 KB
6 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/cta.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
EVVGPQ5JZSPC4BVE
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883679.dop002.am5.t,1671883679.cds007.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5238
x-amz-id-2
Ra8UwOE7AFJKz9vVEK65GWVymrNr+lcfA/OWNRO+xQxFAlOpA4uyDOVQoGtN16/YQTocqTsEKTI=
pb.svg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
3 KB
4 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/pb.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9bc037bd21b64c738431daeb5b7657d4f87039a1fa5dfffb5b7ffaa8c2e5ae31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32KE2X900ZCB1AF
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883679.dop152.am5.t,1671883679.cds246.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3496
x-amz-id-2
U0cDamzb1FmsjAy1CZkumGxApAfgAAgxocUAChkd8Mm3loLQmbcfl9kfZArUOKFvoCgJMfg7Ris=
tag.svg
cdn.flashtalking.com/170119/4082875/images/ Frame C53D
16 KB
17 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/tag.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32ST5HPE2A5T1YW
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883679.dop018.am5.t,1671883679.cds153.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16547
x-amz-id-2
Ox/FC1/gd1MnjfxIpCj9Cu/V3wk4Rhft0VyBla5ZOT3G/mqQxsYsMw5LuuDOZlLz2OeZ/A4G2Vs=
bundle.js
ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/ Frame 7939
170 KB
54 KB
Script
General
Full URL
https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 15:41:41 GMT
content-encoding
gzip
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 15:38:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1369578
etag
"dc17b3dc9f345ba38045deae8cd83a33"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
55196
x-amz-cf-id
DHUfbJ8wWtmo2D-jEjUaSsLL7ZTO5SO_ff1K7_WXVw_dcophJ16u_g==
hg1.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
52 KB
53 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg1.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
eb72b1d68afdbb0f6ba7c0c429624dc01a3017b94fd25de34362ad297dd73f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
N32V0KW1X64N2XG5
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883679.dop152.am5.t,1671883679.cds324.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
53211
x-amz-id-2
ZX1ykZkS3+03BZjc1gSGQBClAUrcFFApLnziTPbFTXf2kO9xegtr+1iUnA8M8yKusZQyyFlDNI0=
hg2.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
50 KB
51 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg2.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
307cc96dc20a8c27c9a8798f07a45e9009dca9a309a852c3e4c7e114f4c1ec7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
ZK4Y2AFWVVFAMJ6S
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883679.dop125.am5.t,1671883679.cds250.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
51428
x-amz-id-2
cNc/hRz2bDWRXQgbgjagfjYdoZM6MagBBdFTb12hFla7wT7XDTEca7H/AvmAgIs64YY/FSzOtYg=
hg3.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
25 KB
25 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg3.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
532db41f5a1087c4787573a9e0605a5981d001eb412aec57cbe7113f8b334eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32XQNNSY95RM735
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883679.dop208.am5.t,1671883679.cds116.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25444
x-amz-id-2
WB0Y0o9lPlH5yo0UWkHGeI8QKnqB7QtnhHP+8MWG81FJ+CtrsiULsgQLl0toEd3Ch1f6D6vbE6I=
logo.svg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
7 KB
8 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/logo.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32H03HAT2T4T05W
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883679.dop018.am5.t,1671883679.cds316.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7500
x-amz-id-2
LvPFG+SknzoB995udj3UO+1GiXn2+iHU5yiVR/j7Ok60HkSdxAZBSFsLxhH9vOUcX1/UWjWteiU=
copyphase1.svg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
3 KB
3 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase1.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2854ee6c8bcefae5af92a25ec828db621fe0994f01e1afa0c3240c9cd8c2b53f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
N32YXZKXCWEA2A3V
ETag
"1666279716"
Surrogate-Control
max-age=1200;hw-h2proxy
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883679.cdn4-pxy016-ams02.am5.evs,1671883679.cds115.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Accept-Ranges
bytes
Content-Length
2914
x-amz-id-2
18zU6u4ujWtPluuB2qx9mqTsT0UTODlpeqa7w5eVMmKfPzAWKOTBnT0iQQ9bD5Ky6mvZV/Tf6tU=
copyphase2.svg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
3 KB
3 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase2.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2f542e969c79b4ae3e03954481a961001a66096a6ca43ba4df2af140ce99bef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
NE7017MK038ADE1B
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883679.dop002.am5.t,1671883679.cds146.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2604
x-amz-id-2
Cv7oxzPPQjnMN+GDBokhUB9Ot6Q31+c9q608Kl7Dr2BTXGOyMVsYLMnYCaTjTN8b2P4/fCNDrXo=
copyphase3.svg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
13 KB
13 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase3.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a82bf22c844d10d55df025c24025bf464dc175da5f439fa0411cb10e953c4e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
NE7E3X0W84N1AJ9A
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883679.dop208.am5.t,1671883679.cds246.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12861
x-amz-id-2
jZVwik50Q8mDuF/ecfprtpC0XWTX+qrpkM3BZa2FATTwgYt7tylrF9QlzzL0tm5AaPsYmhxMYWY=
cta.svg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
5 KB
6 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/cta.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
EVVGPQ5JZSPC4BVE
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883679.dop125.am5.t,1671883679.cds007.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5238
x-amz-id-2
Ra8UwOE7AFJKz9vVEK65GWVymrNr+lcfA/OWNRO+xQxFAlOpA4uyDOVQoGtN16/YQTocqTsEKTI=
pb.svg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
3 KB
4 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/pb.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9bc037bd21b64c738431daeb5b7657d4f87039a1fa5dfffb5b7ffaa8c2e5ae31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32KE2X900ZCB1AF
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883679.dop125.am5.t,1671883679.cds246.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3496
x-amz-id-2
U0cDamzb1FmsjAy1CZkumGxApAfgAAgxocUAChkd8Mm3loLQmbcfl9kfZArUOKFvoCgJMfg7Ris=
tag.svg
cdn.flashtalking.com/170119/4082875/images/ Frame 6AC3
16 KB
17 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/tag.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32ST5HPE2A5T1YW
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883679.dop152.am5.t,1671883679.cds153.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16547
x-amz-id-2
Ox/FC1/gd1MnjfxIpCj9Cu/V3wk4Rhft0VyBla5ZOT3G/mqQxsYsMw5LuuDOZlLz2OeZ/A4G2Vs=
manifest.js
cdn.flashtalking.com/170119/4082875/ Frame C53D
113 B
813 B
Script
General
Full URL
https://cdn.flashtalking.com/170119/4082875/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0f16f24b66ab2f8d364f360596dd838468383673c7d67a7cb8c0886b121d7f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
NE7AT32XDVTC4TFW
Surrogate-Control
max-age=1200;hw-h2proxy
Content-Length
126
x-amz-id-2
mZhehMUbRwe8KeRgakegP5eTX1wNttjNnDET8JaE8aUfhdwPx5Fmyo/jXD8Y5GS0B07DtpZ8r3I=
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883679.cdn4-pxy016-ams02.am5.evs,1671883679.cds205.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F4A
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:24:09 GMT
etag
48472445140208031
expires
Sat, 24 Dec 2022 17:24:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.html
cdn.flashtalking.com/170119/4082875/ Frame E9C2
5 KB
2 KB
Document
General
Full URL
https://cdn.flashtalking.com/170119/4082875/main.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
404e8cfc4fc8d0f06b1f744aa470d001d26f2daaca3a9a9b1072f509f09557f6

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1245
Content-Type
text/html
Date
Sat, 24 Dec 2022 12:07:58 GMT
ETag
"1666279717"
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
X-HW
1671883678.dop208.am5.shc,1671883678.dop208.am5.t,1671883678.cds265.am5.c
x-amz-id-2
ulgMNODlL09oBXq+P5WG5g7RN0hkt+UIa0fHlrOSXeiLfepccU0K1NlOVwomJKldvKMx2QzCZvc=
x-amz-request-id
TBAVW95DGW0ME6NE
ftpagefold_v4.7.2.js
cdn.flashtalking.com/pageFold/ Frame D590
17 KB
6 KB
Script
General
Full URL
https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/688/6882479/4082875/js/j-6882479-4082875.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
5JEN1G2HHBZAFAX9
Connection
Keep-Alive
Content-Length
5535
x-amz-id-2
7o83El6FaoLMYk+ZUIWjObz6Hlgy0W9+sXyvvHp4lTH6ulOYBpDzHQG61cLfMwd9u32n1LWywzY=
Last-Modified
Fri, 04 Nov 2022 15:59:45 GMT
ETag
"1667577585"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883679.dop152.am5.t,1671883679.cds223.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=41734
Accept-Ranges
bytes
ai.aspx
m.exactag.com/ Frame D590
60 B
60 B
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=57&extProvApi=128875&extPu=15874&extLi=195196&extPm=6882479&extCr=4082875&rnd=455485935
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:57 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Sa, 24 Dez 2022 12:07:58 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
977
Expires
Mon, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D590
Redirect Chain
  • https://red.vtracy.de/img.tr?tr_adid=k195196_s15874_p6882479_c4082875&tr_div=ftdiv6882479&tr_sync=true&tr_mid=5471A0FFDE97AD&gdpr_consent=&gdpr=&tr_uid1=FT&&t=210139801
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=false&tr_ttd=true&tr_run=false&tr_adf=fa...
  • https://red.vtracy.de/tr_cm?v3=vi-25bc84e2-726b-4108-98f2-63755cb83e60&adid=k195196_s15874_p6882479_c4082875&tr_aa=false&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1671883678960&tamgdpr=&ta...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brnsS-PvxS91DEnXqFUQAAAIY
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brnsS-PvxS91DEnXqFUQAAAIY
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Server
Apache
Vary
negotiate
Content-Type
text/html; charset=UTF-8
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25bc84e2-726b-4108-98f2-63755cb83e60&gdpr=&gdpr_consent=&request_uid=Y6brnsS-PvxS91DEnXqFUQAAAIY
TCN
choice
Connection
keep-alive
Content-Location
tr_cm.tr
Content-Length
0
manifest.js
cdn.flashtalking.com/170119/4082875/ Frame 6AC3
113 B
806 B
Script
General
Full URL
https://cdn.flashtalking.com/170119/4082875/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0f16f24b66ab2f8d364f360596dd838468383673c7d67a7cb8c0886b121d7f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
NE7AT32XDVTC4TFW
Connection
Keep-Alive
Content-Length
126
x-amz-id-2
mZhehMUbRwe8KeRgakegP5eTX1wNttjNnDET8JaE8aUfhdwPx5Fmyo/jXD8Y5GS0B07DtpZ8r3I=
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883679.dop018.am5.t,1671883679.cds205.am5.pr
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
truncated
/ Frame 7939
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
495449ef2972a1894abb489bedb06ea9f4de2a9236fa1eaee0beeb59be588607

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
r
eb2.3lift.com/ Frame 7939
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=3704257862038289135010&rev=2369ca4&pr=can%27t%2520access%2520top%2520document&bc=0.049&bmid=5989&biid=6021&sid=106025&brid=498733&adid=421730024&crid=25975648&ts=1671883678&bcud=49&ss=5&caid=0&unid=0&domain=232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.yyzzbaby.com%252F&rr=creative&fid=10&rb=0&g=0&cb=64854
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 7939
3 KB
3 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 08:16:07 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
445913
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3125
x-amz-cf-id
pU5fLEy1F_H3Sh2Wbx2LvwrdgENPV8ZdQmwHFM0BmvwZsvG1PjJD2w==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 7939
3 KB
4 KB
Image
General
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-28.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 07:10:32 GMT
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
449886
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
accept-ranges
bytes
content-length
3518
x-amz-cf-id
AtIN6dm-dv4CqDMhr2uaOXCPaM8K0oBcX6LYN9QE02PxGLnpi5iuUA==
truncated
/ Frame 6E8B
26 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
ctar
eb2.3lift.com/ Frame 7939
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ctar?inv_code=adasia_allpublishers_display&aid=3704257862038289135010&rev=2369ca4&cta_render_method=1&cta_render_text=&cb=77759
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame B616
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCENfq76UCGOitjMkBMAE&v=APEucNUEROQUdfZSN0VLUz8Z2hkld0Oix6hfUSAvWZSNHW1yEEGgXZiQjAgt2-PitmdXebpm6RC7JlwP0NqEuQNnutsFnmKNutPTkgYzLYhENuwl2grgOFyN42U0zJafIvYPxn-Kprzm3vIfWkba4hRc5nRSzZWSCcfcDJoIj5hRpkA6KG-90gE
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 38F8
69 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd59f0124fee43d4bff324feab47b2a40065aff5a924a18891a709c61de660df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33928
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38F8
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AijzCTqTLy0rRh8IKIgG3_RuIib5cpBJSMt7Ao5InAmChNMIOgO2rDTXbCKB0WKqpVroSZPDFYUhFfttRscCWLzIbV6GYeA0UKYCOMZk-4B9WKqBQ
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aop
eb2.3lift.com/ Frame 7939
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=3704257862038289135010&rev=2369ca4&pr=can%27t%2520access%2520top%2520document&bc=0.049&bmid=5989&biid=6021&sid=106025&brid=498733&adid=421730024&crid=25975648&ts=1671883678&bcud=49&ss=5&caid=0&unid=0&domain=232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com&ref=https%253A%252F%252Fwww.yyzzbaby.com%252F&rr=creative&fid=10&rb=0&g=0&cb=54147
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
ev1
eb2.3lift.com/ Frame 7939
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev1?inv_code=adasia_allpublishers_display&aid=3704257862038289135010&rev=2369ca4&pr=Y6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ&bc=0.049&bmid=5989&biid=6021&sid=106025&brid=498733&adid=421730024&crid=25975648&ts=1671883678&bcud=49&ss=5&caid=0&unid=0&cepos=0&ceid=0&cb=61698
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
style.css
cdn.flashtalking.com/170119/4082875/css/ Frame E9C2
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn.flashtalking.com/170119/4082875/css/style.css
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
80cfb7e3c871391d862a62cbe884e880054d4eec2a1a9d0584780f71843f61f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
FXMPG4BQQZ7JNZZF
Surrogate-Control
max-age=1200;hw-h2proxy
Content-Length
864
x-amz-id-2
BmbxRMk2dQWzhV5IvJjhm4eoQWFZdVuhI0cIDiS0I0rUZzms6n2JwFRqFbBV4QLvo5pKX6bq9/Y=
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
X-HW
1671883679.cdn4-pxy016-ams02.am5.evs,1671883679.cds215.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Accept-Ranges
bytes
gsap.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame E9C2
56 KB
23 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
AA01DDC7316F7209
Connection
Keep-Alive
Content-Length
22785
x-amz-id-2
AvPbRwuVUg4hJEjjFkOdOz7NjiZ1xJ0F9BiTtj4tVg+tyr8St6jsN+62bFzUdWbW1xHFZ8TQbuI=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883679.dop208.am5.t,1671883679.cds254.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=38251
Accept-Ranges
bytes
EasePack.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame E9C2
2 KB
2 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/EasePack.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
06a7a4aaf7d24fe25c456fd70efb10c13a63b0dc9563de6f9278e57ffeaf1549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
7S4G9S6S5G2W8GEP
Connection
Keep-Alive
Content-Length
1370
x-amz-id-2
sfZ1/1iZqI6ukiEP2rg/P7JJytFNCQbtYRQZw1WaH3tqZL1m97sku50ooRgLqoW+bqCvBd8vo8A=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883679.dop018.am5.t,1671883679.cds249.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=82768
Accept-Ranges
bytes
TextPlugin.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame E9C2
10 KB
4 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/TextPlugin.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
896065599d162442f45106ffece970d68db172c0b8f671c4cf3c4560ba381525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
F5D31112306F2A8E
Surrogate-Control
max-age=86400;hw-h2proxy
Content-Length
3468
x-amz-id-2
HvE1OCie6biGKU+rp2kjn2NadRkFdmnkwa6KkLdMcW4+fq1pxA6uQjVDVD+X90fKJiDyaJjm9Qc=
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
ETag
"1580237808"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
X-HW
1671883679.cdn4-pxy016-ams02.am5.evs,1671883679.cds146.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=62741
Accept-Ranges
bytes
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame E9C2
89 KB
29 KB
Script
General
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/main.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
5V2W9ZPSTVJEW2T8
Connection
Keep-Alive
Content-Length
28626
x-amz-id-2
v/VTPBkIhadcSo5NzRIr7w3PlW5zb+2klAVXN/FmrmX4Q0ESoQ5AXM10MEMCqF2klqzfkOsRyn8=
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
ETag
"1660572864"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883679.dop002.am5.t,1671883679.cds007.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=14912
Accept-Ranges
bytes
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=timing&_s=13&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=video&utv=load_h5.vdo.ai_ContentStart&utl=v-yyzzbaby&utt=1633&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=423989555
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33904
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 8328
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 10:51:16 GMT
dpixel
cms.quantserve.com/ Frame 6F4A
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIUATo5OLUzQDhgaR8AzkM8&google_cver=1&google_push=AavPq0MU4S3p8HUuvqZsbjMg_poU5BKXEMzoF7kHNdkomP1MwhafgVuPRZKnv-viyCrTr6SfNX9dIGSgPhxl2qUGgjgK40ija6_-
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 6F4A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL7E0F6eGmSYBfV4VHWnYK0&google_cver=1&google_push=AavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL7E0F6eGmSYBfV4VHWnYK0&google_cver=1&google_push=AavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0me...
43 B
416 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL7E0F6eGmSYBfV4VHWnYK0&google_cver=1&google_push=AavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77e93843df3c9262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
964
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL7E0F6eGmSYBfV4VHWnYK0&google_cver=1&google_push=AavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0Or-jhrml8MS9z66gNrM2L2orhHKjgoewhje8IJZdaFYnDYlGl8LMCUksKUdkgHYO0MDfyMbrrAJnFlkB6bUxiCrk8f0mek%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77e938428db49262-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6F4A
0
174 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDuAfKZg6HfxbIzcfEGcCRI&google_cver=1&google_push=AavPq0N7rExV6OknSsdby75avYJFFRAZk8iZ0oIbEk50wMAoHu2J12BLNmK-LDEznrb64iMIZcyPW1945yv85lD6xTl_VtNjpEVT
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 6F4A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA0hDzIte6qsqgpNF5ZSSQc&google_cver=1&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsx...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEA0hDzIte6qsqgpNF5ZSSQc&google_cver=1&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_8...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsxtlnlHJbb&google_hm=wmFNJNW8SeOwjcpVaf4EyQ==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsxtlnlHJbb&google_hm=wmFNJNW8SeOwjcpVaf4EyQ==
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsxtlnlHJbb&google_hm=wmFNJNW8SeOwjcpVaf4EyQ==
date
Sat, 24 Dec 2022 12:07:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dds
rtb.openx.net/sync/ Frame 6F4A
43 B
351 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJt-_NH0Hf461Mptszxb5us&google_cver=1&google_push=AavPq0M2WCrylttIIy40ZNMwfuoUnqy66VzYlXpfMevGkG_MXyHhce6i3uB8vPYyOOxEifCgDwWhcPc-L9llqM_RdMH7WezrTCM
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
8usgp71v15vkhi2ghujskbre1811ef0v
pixel
cm.g.doubleclick.net/ Frame 6F4A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Z7Z1EGRlSPX482oORdGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Z7Z1EGRlSPX482oORdGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Mn6TTkbsEDnQ3CzSVxjBJfASI2cQrm9xTFiHQLFYHwosVVmDauGxPwxL4AiMXz5LEzxP04LsmcJliNFrehAPR2QX7K2dp6
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Z7Z1EGRlSPX482oORdGA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Mn6TTkbsEDnQ3CzSVxjBJfASI2cQrm9xTFiHQLFYHwosVVmDauGxPwxL4AiMXz5LEzxP04LsmcJliNFrehAPR2QX7K2dp6
date
Sat, 24 Dec 2022 12:07:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6F4A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMEnYJ1x2GdcrWqMyrEp8dQ&google_cver=1&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_DIpEH4N0xoc9ZreoW...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMEnYJ1x2GdcrWqMyrEp8dQ&google_cver=1&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_DIpEH4N0xoc9ZreoW...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02M3lKSGhwRTJ1SFg1d3I2T2JHZU90NDhQTThzZTBZen5B&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02M3lKSGhwRTJ1SFg1d3I2T2JHZU90NDhQTThzZTBZen5B&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_DIpEH4N0xoc9ZreoWlUjKsGI8BaRDdkSoZhDHbbqTWa_g
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02M3lKSGhwRTJ1SFg1d3I2T2JHZU90NDhQTThzZTBZen5B&google_push=AavPq0PF5rHRw6lWgN-YsZmwZ_wZD1ZfuayPjLJTGURCCWTLkmL7wVm3_DIpEH4N0xoc9ZreoWlUjKsGI8BaRDdkSoZhDHbbqTWa_g
date
Sat, 24 Dec 2022 12:07:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 6F4A
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNRvuqY99ZqkI19FkzvUJh46VWkyjVB3HyiIqAug_TwoHSSZHAjnyQseH9gwxUiU_zNtUIow
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame B616
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCENfq76UCGOitjMkBMAE&v=APEucNUEROQUdfZSN0VLUz8Z2hkld0Oix6hfUSAvWZSNHW1yEEGgXZiQjAgt2-PitmdXebpm6RC7JlwP0NqEuQNnutsFnmKNutPTkgYzLYhENuwl2grgOFyN42U0zJafIvYPxn-Kprzm3vIfWkba4hRc5nRSzZWSCcfcDJoIj5hRpkA6KG-90gE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B616
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6brngDy3T.SrBxh72BEjQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCENfq76UCGOitjMkBMAE&v=APEucNUEROQUdfZSN0VLUz8Z2hkld0Oix6hfUSAvWZSNHW1yEEGgXZiQjAgt2-PitmdXebpm6RC7JlwP0NqEuQNnutsFnmKNutPTkgYzLYhENuwl2grgOFyN42U0zJafIvYPxn-Kprzm3vIfWkba4hRc5nRSzZWSCcfcDJoIj5hRpkA6KG-90gE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMYVAjxWrBt3PX-j2NIBbSY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B616
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEMesDaqerf_rSaPsH9hfWI&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEMesDaqerf_rSaPsH9hfWI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCENfq76UCGOitjMkBMAE&v=APEucNUEROQUdfZSN0VLUz8Z2hkld0Oix6hfUSAvWZSNHW1yEEGgXZiQjAgt2-PitmdXebpm6RC7JlwP0NqEuQNnutsFnmKNutPTkgYzLYhENuwl2grgOFyN42U0zJafIvYPxn-Kprzm3vIfWkba4hRc5nRSzZWSCcfcDJoIj5hRpkA6KG-90gE
Protocol
HTTP/1.1
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:59 GMT
AN-X-Request-Uuid
87fa10ef-7122-4817-a2fe-95d4be663f32
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEMesDaqerf_rSaPsH9hfWI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B616
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0NzcwNzU3NDI5OTE2OTcyMg%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0NzcwNzU3NDI5OTE2OTcyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-r-5MCENfq76UCGOitjMkBMAE&v=APEucNUEROQUdfZSN0VLUz8Z2hkld0Oix6hfUSAvWZSNHW1yEEGgXZiQjAgt2-PitmdXebpm6RC7JlwP0NqEuQNnutsFnmKNutPTkgYzLYhENuwl2grgOFyN42U0zJafIvYPxn-Kprzm3vIfWkba4hRc5nRSzZWSCcfcDJoIj5hRpkA6KG-90gE
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
72571506-5220-4165-9575-514039d8b5c7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk0NzcwNzU3NDI5OTE2OTcyMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 38F8
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
69354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11387
x-xss-protection
0
server
cafe
etag
8197878782792770439
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38F8
153 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:59 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 38F8
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
69354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 16:52:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 38F8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcHfJAU9EqAkxt3hYERrwDGOpRllOJTwVGljqS65kvwJEjnkh3mHZECkoRgJkWL2IXME0AqXZeTX4025Ya2DbdKJnegB0CPN9FEOZZuvUI-vW-VuDKrt7Qk6uqdJ93qZihb4-cRLiug-_y9ROhx0Bp2ZlQNc23urqNiy2Im9TkvIVED5OixRyCw8x4RcO0lk44VGK7sx63wKsT48A-qFUqnInowmxVwj8so04CdK0Zd7RQhPT2IH5kL0sZP5GmilafGgKbdZL3A-5IDmwYzfV3y56oe_PaB5LrXH90Jtj1pGYbsRVBx1fiSfcVdEMqUDFBnLGRNsKGa77bxYFbfZ6bZgEgLpRGYqxChvkORsFmUW80OtBVGr_O1ZMmF89JuTn7IEUE2bcLGCywX-FHr4OXJn2OvsQZq5TLzZWccbFc6gWgPX3kUAIF09n9RfBsuAGScaxOBxtk-to2yxLEAxmugtwk5aHdydXOcestdY16xBMz5rfBrfyJ0Lzbr4NhZZi9eKw-kLGSKyVTNk-NxAc5laJLUQJSP-ILTS9JbtFk6hIGO8zZ9Kg8XJZWrNZbltJq0GYKQSqRs0_rutSxPPIEcPn7CS5tzrLJ2IrgATusw9u-NdyoyUn08_8-lXW2LhNQHfS5QzYAye0G15h-uQxHym760vb-O-xMrdg4r2m8s8uhR4MXGvc0TJaWL2kVWGvr6b1qDG3iamEBivbKiwCfnTcT-wBlGbc33ncSUUUcREeOtdIUGurm2Tx8wv7blDc59WBNKnySD8Bn5Ctldnz0FVZDxBlLB1A4RTQ8HUAGP7-LalvesLeiM9-SnXlsfYWbKcWrkwp4KFjTkX_Bdf92v0RMCIZ94i3POmKjL6pW8-EO2x-Y4iDwYKj_RGTXn2oEv5_IRKTVZWUQ3fgdwacnSLYrPPnOjzTffcMmPy9aUAECS3Od4aHwatwrMmaKnQ9PP02rpudnQ_Dgr8m6nOsJ0QsldGFAAtJRr-JhnVxZfTomQq4-1pniDsKlQnnfb8FjFtapdHx8oqrNXyqqSiXYC2JEhgY_fmCdtwsYOEL0iP3HrU99mHXLNULqgar3uhWn6D2fioZLmiXhSOADfa6GRRxpypmox0wv36CVnz085sLMuf9VrQrZFWfuxr5k2HtPkIxVyrT0H2nP37fDV7fRy6YGGX0hwxophhMw4wK75GaxXAaMgI-YZRQiuP4aaR28xuTVSQ&sai=AMfl-YSOFwb72lPnxwYoDxYFkYRH1yDcyz0ITafsx0cna2_o1pN613BzvQS6TgJ30f7s8XRpsYFxCdvWzx-XW9OfxhPORA7Z3uLrW9Y-muD_1TeEBWEmPl5FmAD_oAvTbqrK5sMPVp4T35CjoRIkiV_2XTs-BXh4nYHXxMYbPCklAPzIJTjUHxNnGxlFsQ&sig=Cg0ArKJSzL4IT17xSCdsEAE&uach_m=[UACH]&pr=96:0.049&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.67871&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:07:59 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 38F8
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 11:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:46:28 GMT
16759609660534879998
s0.2mdn.net/simgad/ Frame 38F8
45 KB
45 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/16759609660534879998
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d57b09e07b91dd0cb8d16facdd08366d8e024253edbcd48c9d66409981ee5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 07:53:12 GMT
x-content-type-options
nosniff
age
15287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46532
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:31:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Dec 2023 07:53:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F11B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsAoSnuumY7bECb_ex_AP15qI4AcAAAAAOAHgBAI&bg=!Li2lLWnNAAYgquz3AKo7ACkAdvg8Womezz0nWIHKNd8LoevMCJoaP17vjQ8SF8zHwLjC0rC3tIkfYwIAAAGRUgAAAAFoAQeZAznERePZto-B51ObYVfCBnvLVDVCjX3ZqrIBoFN_5htVEESk-yY0qY6pJiWlrzQDWMwCki6b8M5uBe-JjDeMQvqoIqeFvk-cpAEe1za0GuCfGKHbvzl3qixyfJs3AtFnaHd-W4SijyAWYDLQvtTZOl175txGeaELBMrdUIvkUW-pBRUicedVlNvj_F7blJbH5RFzFVUbNh6r9bAhWH-lvRn_mmpgelP6clTAqoeltG2EXpwk6DpHYSNsQICoQIIlSnIdIKpG1U8r1EdpF8M9zVdKjtjRUL-GTlx_pWZsdDb3T1aT4aIQLjGAfqk2tTDbZQwkUM2uvdKit4SLJpqORZyOQ0SjGw94PtfYP4QJjbHG_0Abpy10OLiQjgqM4ainLCxAR23PKZwkq2QUzsqP-FpihkGGX16tKKtYOyFjbhvfARBDpuO8EDXqG19G4K4DJSpVExrL1NyU6hxfR0cizjyeNvdi6sXdTAuNxGJab1OVfP5ANdvMp-43bd3jUJAb9fgg2DaivLShee5DL84hv5QmS1vF8-X2scTCm7mugE4WGbx1GUrzS38wgNGwqzQ_zaVbiTYsnihbINT915qYKwQESYAUq3dctqpD7ERaEroc7WW7dMr8XtUHwDmT-idMw4e2xiXJY7sRZ90auP0O2nvzFQ6agVl6pO5hmXkAQWOctqwAfMghrYiN3AeLb-LmwYmzJ397HQvw_yFz-ei_mcc2BUZnqko4aBG76nwyoFL9shxCjEf4_x9r7YBXMPsFN0REjoVTvPjjCmvFaOiWPuyZTtruYTRLudWJYuvhY_eVt1yK8yKM8OCgxL0QQuFPDoBBAAVWeP1nw3CuHHM4L0uVczXB8mvzptpdPh3C_VHcnRG1FNBg38cmQclKl8CuohMJTz_4So9dLiQ6OchePlbEy2eaNGGmZ30poAuIfxg-9zbFVRWFLMijuBFHUFIm7EyVX5sZcImrrGnTjWBokWMrBydPIvLaT3KySHBlXPqNEJydb5zPJCGgef-m5gA0a9CQuF0UGvTZZgrMklABWI4B9h2y5A4mhiMErbgZNtyXnRKexXBhqaXXKw3kjmpOZxj2ilEJrbjjEQA
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/
482 KB
482 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
ea2588cf0c54b79c64e76bc4b0e91e3ab6ab959f4789940ec130a6726483bed6

Request headers

Referer
https://www.yyzzbaby.com/
vdoai
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=668528-1161651

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Sat, 30 Jul 2022 00:41:28 GMT
Server
nginx/1.20.1
ETag
"62e47e38-13305090"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 668528-1161651/321933456
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
493124
Expires
Sun, 24 Dec 2023 12:07:59 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sat, 24 Dec 2022 12:07:59 GMT
Expires
Sun, 24 Dec 2023 12:07:59 GMT
Server
nginx/1.20.1
gen_204
pagead2.googlesyndication.com/pagead/ Frame F16F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK8junuumY5_1CYHd3wPTvbPIDAAAAAA4AeAEAg&bg=!JySlJGDNAAYgquz3AKo7ACkAdvg8Wp1ldUTxlGDLk6NV0KYpgC2Bix88Drh88xYPGrx-SIja-7mq4AIAAAGAUgAAAAJoAQcKAAdrGOajzFE7mQMmEbDtTzjLTZfeOh_I9k6cmr-cUM0q_85W9wdRl8iJC-VyIrSnlEWWAYoZlLmetTOI-bN72OCxTIfUBAE3_UBJwBnA0VAhduSNgz_k2m7EJo7Ed6jbeTW1gjWHKiYlPA5zeoX7yRsTxC-HxO7RVyOUZQ4TqPiEp9uL1WsVFr681fLO4K7qWQVs1tEXdM5oJCgmf26sSWZmRjjixbDmfKocL2LeD-vx9eYYR7CwgiqS81My6E2OHlsx_bnaegmOBOT-RCsIXtwl0R73Wa4ddW0HUEv6UjBX7SvdVOGFIJAQC0VQ8jHSYWgGu5-yoXdQXNSZ7Zrj-aVklyxbjqpxB6x0ppjYN_t1JmjxmJ0DAWsL2vPRVZs71eeiTWE82wo0VQs2mxhcxCWSbpINoT1_hJtfvx_8AJlxZvoDuBS3QUUV1qZ7ab-a6sxWh16mltu5aPEb6Dg9jlqH6EHRbORVn_LPHla5MGBgwvpeRv30P25pKM3_DO0OkaOiVBe_gHDRYGSbxGz8QBPf9xXKqCmhskDF3hhb7tVaoxwFKixUIJ4pZngR-vOR5uVFIwxFukhR9t33Y2hus4pIpW6M7BMfniuYekTNg9AJ9KWKlawPruU8YBSLGPJm04CSCV-lZEAtrrorNWJUN0AMnASlOQmXuwauQYXGxVaQxhyCV48Y9zq49HWaZjUuS-SCmHUSmfYDyUkYo2DNEvSc4fMqjxWIkVe16s33bGvkRx8WgaYi55JaEsvmjNELH8rE4ZRjC5-ehxtXJEGr0heahEXDQSD95yu2tBc8_-SJir384ke86tqtZtWDvrs9mLDkBExEaCknPpsZhjmxZAM_TNBDDqDZ-Q8odls48sV9SwSVjJfZdvvlNmsMs8BlW0QBv8xJEUwcXafLRaAEAkHN89otKzlwm_ZJKuKNbbkf0dN__EdxCl8lVJ9MBj5Z2OByI-WQ33XMAYWldR_Hk-y8iw0dO-IjF5rmF5lzJ_Giwm98l2zVgmLt_X7ZSlaAdJsS944zby347wxPFhtIdyCzSKwiR4G0xwRpBqNYaCX8Nnp_uuW0W0x2hd8P0QwWjjc
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ad-events.flashtalking.com/state/6882479;4082875;0;271;80C0266A-6A50-1B11-250C-E0F36276C07A/ Frame D590
0
66 B
Image
General
Full URL
https://ad-events.flashtalking.com/state/6882479;4082875;0;271;80C0266A-6A50-1B11-250C-E0F36276C07A/?cachebuster=470320370
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.112.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-112-146.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
ft.stat
stat.flashtalking.com/reportV3/ Frame D590
1 B
377 B
Image
General
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?224808575-6882479;4082875;0-304-0-5471A0FFDE97AD-372374066
Requested by
Host: 232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
URL: https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 12:07:59 GMT
manifest.js
cdn.flashtalking.com/170119/4082875/ Frame E9C2
113 B
812 B
Script
General
Full URL
https://cdn.flashtalking.com/170119/4082875/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0f16f24b66ab2f8d364f360596dd838468383673c7d67a7cb8c0886b121d7f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
x-amz-request-id
NE7AT32XDVTC4TFW
Surrogate-Control
max-age=1200;hw-h2proxy
Content-Length
126
x-amz-id-2
mZhehMUbRwe8KeRgakegP5eTX1wNttjNnDET8JaE8aUfhdwPx5Fmyo/jXD8Y5GS0B07DtpZ8r3I=
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-HW
1671883679.cdn4-pxy016-ams02.am5.evs,1671883679.cds205.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
hg1.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
52 KB
53 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg1.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
eb72b1d68afdbb0f6ba7c0c429624dc01a3017b94fd25de34362ad297dd73f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
N32V0KW1X64N2XG5
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883679.dop018.am5.t,1671883679.cds324.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
53211
x-amz-id-2
ZX1ykZkS3+03BZjc1gSGQBClAUrcFFApLnziTPbFTXf2kO9xegtr+1iUnA8M8yKusZQyyFlDNI0=
hg2.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
50 KB
51 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg2.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
307cc96dc20a8c27c9a8798f07a45e9009dca9a309a852c3e4c7e114f4c1ec7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
ZK4Y2AFWVVFAMJ6S
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883679.dop152.am5.t,1671883679.cds250.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
51428
x-amz-id-2
cNc/hRz2bDWRXQgbgjagfjYdoZM6MagBBdFTb12hFla7wT7XDTEca7H/AvmAgIs64YY/FSzOtYg=
hg3.jpg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
25 KB
26 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/hg3.jpg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
532db41f5a1087c4787573a9e0605a5981d001eb412aec57cbe7113f8b334eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32XQNNSY95RM735
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883679.dop125.am5.t,1671883679.cds116.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25444
x-amz-id-2
WB0Y0o9lPlH5yo0UWkHGeI8QKnqB7QtnhHP+8MWG81FJ+CtrsiULsgQLl0toEd3Ch1f6D6vbE6I=
logo.svg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
7 KB
8 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/logo.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32H03HAT2T4T05W
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883679.dop208.am5.t,1671883679.cds316.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7500
x-amz-id-2
LvPFG+SknzoB995udj3UO+1GiXn2+iHU5yiVR/j7Ok60HkSdxAZBSFsLxhH9vOUcX1/UWjWteiU=
copyphase1.svg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
3 KB
4 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase1.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2854ee6c8bcefae5af92a25ec828db621fe0994f01e1afa0c3240c9cd8c2b53f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
N32YXZKXCWEA2A3V
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883679.dop002.am5.t,1671883679.cds115.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2914
x-amz-id-2
18zU6u4ujWtPluuB2qx9mqTsT0UTODlpeqa7w5eVMmKfPzAWKOTBnT0iQQ9bD5Ky6mvZV/Tf6tU=
copyphase2.svg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
3 KB
3 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase2.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2f542e969c79b4ae3e03954481a961001a66096a6ca43ba4df2af140ce99bef0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
NE7017MK038ADE1B
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop125.am5.t,1671883678.cds239.am5.shn,1671883679.dop125.am5.t,1671883679.cds146.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1199
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2604
x-amz-id-2
Cv7oxzPPQjnMN+GDBokhUB9Ot6Q31+c9q608Kl7Dr2BTXGOyMVsYLMnYCaTjTN8b2P4/fCNDrXo=
copyphase3.svg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
13 KB
13 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/copyphase3.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a82bf22c844d10d55df025c24025bf464dc175da5f439fa0411cb10e953c4e8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
NE7E3X0W84N1AJ9A
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop152.am5.shc,1671883679.dop152.am5.t,1671883679.cds246.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12861
x-amz-id-2
jZVwik50Q8mDuF/ecfprtpC0XWTX+qrpkM3BZa2FATTwgYt7tylrF9QlzzL0tm5AaPsYmhxMYWY=
cta.svg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
5 KB
6 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/cta.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:36 GMT
x-amz-request-id
EVVGPQ5JZSPC4BVE
ETag
"1666279716"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop208.am5.shc,1671883679.dop208.am5.t,1671883679.cds007.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5238
x-amz-id-2
Ra8UwOE7AFJKz9vVEK65GWVymrNr+lcfA/OWNRO+xQxFAlOpA4uyDOVQoGtN16/YQTocqTsEKTI=
pb.svg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
3 KB
4 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/pb.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9bc037bd21b64c738431daeb5b7657d4f87039a1fa5dfffb5b7ffaa8c2e5ae31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32KE2X900ZCB1AF
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop002.am5.t,1671883678.cds220.am5.shn,1671883679.dop002.am5.t,1671883679.cds246.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3496
x-amz-id-2
U0cDamzb1FmsjAy1CZkumGxApAfgAAgxocUAChkd8Mm3loLQmbcfl9kfZArUOKFvoCgJMfg7Ris=
tag.svg
cdn.flashtalking.com/170119/4082875/images/ Frame E9C2
16 KB
17 KB
Image
General
Full URL
https://cdn.flashtalking.com/170119/4082875/images/tag.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/170119/4082875/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/170119/4082875/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Thu, 20 Oct 2022 15:28:37 GMT
x-amz-request-id
N32ST5HPE2A5T1YW
ETag
"1666279717"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-HW
1671883678.dop018.am5.shc,1671883679.dop018.am5.t,1671883679.cds153.am5.c
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16547
x-amz-id-2
Ox/FC1/gd1MnjfxIpCj9Cu/V3wk4Rhft0VyBla5ZOT3G/mqQxsYsMw5LuuDOZlLz2OeZ/A4G2Vs=
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 565F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
174083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 11:46:36 GMT
expires
Fri, 22 Dec 2023 11:46:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 38F8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcHfJAU9EqAkxt3hYERrwDGOpRllOJTwVGljqS65kvwJEjnkh3mHZECkoRgJkWL2IXME0AqXZeTX4025Ya2DbdKJnegB0CPN9FEOZZuvUI-vW-VuDKrt7Qk6uqdJ93qZihb4-cRLiug-_y9ROhx0Bp2ZlQNc23urqNiy2Im9TkvIVED5OixRyCw8x4RcO0lk44VGK7sx63wKsT48A-qFUqnInowmxVwj8so04CdK0Zd7RQhPT2IH5kL0sZP5GmilafGgKbdZL3A-5IDmwYzfV3y56oe_PaB5LrXH90Jtj1pGYbsRVBx1fiSfcVdEMqUDFBnLGRNsKGa77bxYFbfZ6bZgEgLpRGYqxChvkORsFmUW80OtBVGr_O1ZMmF89JuTn7IEUE2bcLGCywX-FHr4OXJn2OvsQZq5TLzZWccbFc6gWgPX3kUAIF09n9RfBsuAGScaxOBxtk-to2yxLEAxmugtwk5aHdydXOcestdY16xBMz5rfBrfyJ0Lzbr4NhZZi9eKw-kLGSKyVTNk-NxAc5laJLUQJSP-ILTS9JbtFk6hIGO8zZ9Kg8XJZWrNZbltJq0GYKQSqRs0_rutSxPPIEcPn7CS5tzrLJ2IrgATusw9u-NdyoyUn08_8-lXW2LhNQHfS5QzYAye0G15h-uQxHym760vb-O-xMrdg4r2m8s8uhR4MXGvc0TJaWL2kVWGvr6b1qDG3iamEBivbKiwCfnTcT-wBlGbc33ncSUUUcREeOtdIUGurm2Tx8wv7blDc59WBNKnySD8Bn5Ctldnz0FVZDxBlLB1A4RTQ8HUAGP7-LalvesLeiM9-SnXlsfYWbKcWrkwp4KFjTkX_Bdf92v0RMCIZ94i3POmKjL6pW8-EO2x-Y4iDwYKj_RGTXn2oEv5_IRKTVZWUQ3fgdwacnSLYrPPnOjzTffcMmPy9aUAECS3Od4aHwatwrMmaKnQ9PP02rpudnQ_Dgr8m6nOsJ0QsldGFAAtJRr-JhnVxZfTomQq4-1pniDsKlQnnfb8FjFtapdHx8oqrNXyqqSiXYC2JEhgY_fmCdtwsYOEL0iP3HrU99mHXLNULqgar3uhWn6D2fioZLmiXhSOADfa6GRRxpypmox0wv36CVnz085sLMuf9VrQrZFWfuxr5k2HtPkIxVyrT0H2nP37fDV7fRy6YGGX0hwxophhMw4wK75GaxXAaMgI-YZRQiuP4aaR28xuTVSQ&sai=AMfl-YSOFwb72lPnxwYoDxYFkYRH1yDcyz0ITafsx0cna2_o1pN613BzvQS6TgJ30f7s8XRpsYFxCdvWzx-XW9OfxhPORA7Z3uLrW9Y-muD_1TeEBWEmPl5FmAD_oAvTbqrK5sMPVp4T35CjoRIkiV_2XTs-BXh4nYHXxMYbPCklAPzIJTjUHxNnGxlFsQ&sig=Cg0ArKJSzL4IT17xSCdsEAE&uach_m=[UACH]&pr=96:0.049&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=197&vt=11&dtpt=196&dett=2&cstd=0&cisv=r20221207.67871&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASBSsVeo9S0OUJc7C0HcXrvz0YiBhlPsQTbRPQy088VIBJtrK-cJg6DrQmhnZUp8dW70oUPNb8ekSd8QWsTvTcxj_-OHkT012mV7bke_DpajXUAuWTiwSD78Ku7pv7hsELlgaKyHx9IZJDcMsrwt9q3M8AfaQrc94DIo5EYrTQPIpe3Do&cry=1&dbm_d=AKAmf-Df4Nv-t3-9brDwd-_O6fK08Z8lNjFal4ruvg4nysjWPEOLBsxz8l9kmCkJdjhyMUW4j0B_ep30xb030qClCKPI3rnbnNQ4wwVr9MPaFm2g_rPSQhwFbq1RuDRJDKg_2G56sxg8HZZu1TDYbKj2Jz_2KBbKvj8muEWFOm8dswjOKj9qpI44Npom7HamOX1LjSEflrb_vvvYDtMO7qG8Qw716_T6PgvwC2N-R8WeHb6R9D_8yb9LuPji18xjvmIJRACmRZ5Zf1DMBmFyvrOoG2_xuW2vKFD47ui9yGgShs1Uw5ulTQusAeXHMd9J4M5TAQ5DrXdpl6GHTeRHVY0KL9U7MgEowmUSEfr9xYUVDkueOI6C2drm8o84rExoIZQrz3G_XzTuRAipiHiN6Yj1yCsVVW1ESbO-Vubd3uDl_nFjtC8yiYdBZ1oFTokKNlfcOzCfh0n3g3kh6yVo1y7eLGhhKPbRDqRkGgH8COfPqsSojUgAL62gLMC59Li1faft4sIdDZdzzOShvqzUmszgo5uW2Bf6kfWhYAW3JZwPBlPQdIKtEzmNG9BYlpcUd-3R52SdvLno4WeE307j2pn3RMB1rJl8enYhJLmI34Pvk61YbXjYLmbRM5JXgFGZLnAD6WX8aMtpd14CTUOZXFvmkKmDqr8pbX3juVGft4rHKNsXjpBaT3YKaq4KvXPxi-Q1T-lotJHNdcnYRBaqDGBMbCu_U795N__VC0RMAxpjWt0fNTAxKBGmOQhwL1l6zCluQhvYenmN17b332__D9iGK5IX51aOddIBFDROvqcV7Y4XpAAtNNtMFm5ITKr5o0FnL82zUjLUWEdI8sab26Z-ODUSL-AzlnzDto9fam5Go_9zAG_bPYFiGWp4GmYhLRVE4kRHYiwr5F6cEy7YEwgAJpRR-A_ttI0yc3-W1ACpdgS9ec943shp8k8Ksf_2j4-mQMMfOgB2sRk_8DNSll46K5BuB2e70T3wITwty3hk-OeBobWUzraGXkiapUj__qTOSmQP6jU-tVWvvXEL1NVMzioqZU6kbttuREfNaD1bcF4cFpHgbiZGctqbz35g4JB-_zwkfGeU7MfjDeftL-Zpb8pPFcEjr0wZcwnaxfqEBbs7GjVPrgvUJ6w7JFfSEpeD2EWQdZPrdTude8SJARCsvotjIzRUaCvYhe2q0eXDCbjAj2yelxcGcfFxdsLlvfYsfZbfYEFdxZrAG3ocBlcVZ5EvBnh6dFWifkyZfN6tfErUtzX_Ks9kmE1ZqfJ-3AVqNbN6YT1CedhGhBJ0b1cCmbXrc-Qsw701Xud2ayxpWrNLA_mYXN_AAYFG64rPgViwr7CHldJEtF9tXhZa6GSMAmFewepDD9nNCrDEsByYy1uh-67hcO78QSyG7kf163V8QYvPldhZDLCbKwR7bbOoHhsNz73_ytdd04OoeykEZ_HVHWo5chuA0HHVG-uhTupmuHorvxlHM3kplgEmf46-5GBFhmy8gB9U-ncLNVQDCLVBvoj1hlk8nPj9XCxjfZDKKpt2GtFSGC30L9tSrbJq0nFQG4mkUNeNeSqs6WbJJhq5RTk32ru7khW4qXRIubc3HMgekk8lvJgYqdrVYTmOvS6FmWrNX76BeXNeGCrDQxLfH7e5WAxx-JkfhOE2oO-ILw0fv_kzCIHg4nSoeMT-IbO8pTLJ4RcHRcJTJp4PZl8uhGWzPzR8hie0oOfGJAVtqIZZt9MGBByGpLK98qdhtWpXyqAWRd69X6U_5Rtx1szGcHXkr9Zx2CpR2gLL6Op6UGojfLqDXjk77VatwSpd6Qd99Zb8ccdbORoU65A50-0qRP0zmBu1k-KqTYbBrfUdkVrkNvWKerMxl6LqIkga1DgytKVqqclVS8g4m-BvlQfv3oRqqz59cK_GjidysENjICakVXC5QI6owx4AV3s1L71MhRnaunH5bK2FU5UxaQVAL5RF_DdXqTXhEM8bTkiapxXoYMl_wbHB3Kw28SOdmx654ioyEbUzAe5Nip9I1H5ufvxiZFu4c0wNg0AgJUTsspWNsaJY7wwBLZQyC1sH2VVde6ReN7nDS8fLu5kq-NGiDdstODHQA1WC7-UVjA14Ry157f-sHTTKczWVj2QVx00S3wRpo9Ga1O50vjtUGik2hpqLLlm7ot7w0-pa-R8BaCuQ5TfsIr72U8NzTbfPKRi6Z4Bo6NOG3uM1_m6kF97X_JGE5FaTVWyNp4wE-eCMuIOMo6mSEcrKNENIpifhBV5bOQ23cVX-16R7ByGvmNAFg9CdBWYyhOAQtey8BOGfs2pJh4EB5WLlpBGJgQn-c_Aql6PEJEdFe8MuQ1irIX2xtizfsRFhLZVWWRSALqxEzu8zxFqkUTX047W8Jnz97OPSiNgFy4jcWX5Unv8YAfdwOwPDbpLF9Z19f48JCrsXu1TCwa-rASfEdeUWC5AqJH0e-7pkfgRwrn-SESKQI_fiKfgTUK2RtxUWGw31wnjeSwUxUH9jW-g5vExwH0TTriUVqJ2gWyPKRYpXquSLZOxZJQWQrD4L8IUDGOIXok6IwP53u1_G4SyDdNZhC_UOo0Riagke-wSdLDT2EtBRYHRLIuoD7ABPWXIGkLlZoiHWZxycHKxOz42ssQUsVzlfJqkLcV1FXdGyI_16nIXxctGdMrQXQnprIkD-X8RUoObJUtKnsYtBhgCYHGigvuqB9aFyqByxeES0hqJRKnDJC2_P50_c-HMilcM7MeGIlN103-O_Jx1Mo9a_gS_7j7MHb_WeRuTU_kURklthHvo4h0NLY94adX_jPmGKutvZRbWcl6iYcUDGPEiTo7Ke_2U3BaJIDoIM7wftVk7GkXKfJSmLqbIb1xbU1pMviwRBlf1dQN49RkQr1OsgxD9OtGpLJf3BIe8hxu3y38IpQhGXumgT9WHf5ym0XjeWonqyrG2H-WeD6ZQYbpfPCNeBuRNkaonxyskJISpNU-ukAYcHZE9wgBX9YLJnapwv6XGsK-1zcNf8MdjL3LISZLwqj7WYjIugBzYaLxR3CM0XjI0-coHYrMGGmDXC1RbHipKB2apOTwDb7T-fHuSgk2lrAKye4z6KJ0v4Cuii5L4pQXNOqh1tDNq75_AjIhqV90qfPI_Ze12qe3eA1w3gEOEG-iFLRYCgCz_iB6GKJEcVLSXJVShhP7dZFaco8vSb1pVgrPAneeRYYUFod2s_FHnoj3cWAkUOrfLzVkYqC3-y8zEnLqIJzs09GRUR7nM-rspTxgaEw7dkOfURsMym90wt6vRKKl20OHGDOSdj2DKNtOkENclmsfYqzHeSCsTH2SgqBvDRHtPRe4aOrHRWthX2FT9mWM8uQR0crUnKf-0dOVr-2y9YAQh8B5gYc2DqBCJdbRK0vqAMPW5pDp929hhcFy9GGvSymwIKAP28ppuMhGrL2irkC6NewiOEZ22swygnw7ttEIFKxQ_G&pr=96:0.049&cid=CAQSGwDq26N9IcOpei8rPIuEIdDTMTKsU9TEpYz01BgBIAo&xfc=https%3A%2F%2Feb2.3lift.com%2Fec%3Finv_code%3Dadasia_allpublishers_display%26aid%3D3704257862038289135010%26rev%3D2369ca4%26pr%3DY6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ%26bc%3D0.049%26bmid%3D5989%26biid%3D6021%26sid%3D106025%26brid%3D498733%26adid%3D421730024%26crid%3D25975648%26ts%3D1671883678%26bcud%3D49%26ss%3D5%26caid%3D0%26unid%3D0%26cepos%3D0%26ceid%3D0%26cb%3D89170%26rdir%3D&rfl=2%2Chttps%253A%252F%252Fwww.yyzzbaby.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 24 Dec 2022 12:07:59 GMT
sync
eb2.3lift.com/ Frame C319
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?max=10&cb=70415
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 24 Dec 2022 12:07:59 GMT
csi
csi.gstatic.com/ Frame 30FA
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lc1wdi9b&c=8567818601437&slotId=4283909300718.5&qqid=CJzTr4ackvwCFZjUdwodR-8MTA&gqid=n-umY8v8AdaOjuwPov6f4A0&fb=ima_html5-lima&sdkv=h.3.549.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44748969%2C44750824%2C44765701%2C44768716&met.4=ghmsh_s.lc1wdj8r~ghmsh_s.lc1wdj8s&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=uU6VDiKU1x_NP-fR
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
simid_trueview_en.html
imasdk.googleapis.com/js/simid/ Frame AFB0
147 KB
45 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e4659c23e4a26d918573426b16dbd6a8c0525237d3e49b1e2feab765768a38
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-jKiAKTJ6pHmID_LpWeCz0g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-jKiAKTJ6pHmID_LpWeCz0g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 30FA
453 B
478 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-7094677798399606
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:33:08 GMT
x-content-type-options
nosniff
age
2091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Dec 2022 12:23:08 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBon3n-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE1AJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsnhTQjWR1Yfh9bkJuejOYvwtQQVFz1a094Uu2gsTZhXfiJeyORC9yxHFlR04HKZVSSB1DKhm0jNDfd3tIaog35luTwm22QXUudsiExspN-SCfz9SoEKkH00_zyxWYR61mhxgFIXkNj_CEsHnEzcDAWMwwOYR7UP0XhtK1Tvyp5qjy-C-Gs3CB1_cn5Tq_pY5z2jCIgyyNbVDtefClAUwpQAp23UxsVP5bWZWjRXlSNMpOafWp-9_QJkwNxaunxJUVi4o7fPohvDP0yo8DCBmixu88kQTOvQDWqLI9AJdDQFCD7B2xvXqJNe0ewATrhJ3NggTgBAGIBZqNje5BkgUICAMQAhgBUAGgBlSAB_q165ABqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECxCSaK9JMTQa0JgAoDmAsByAsB0AsPuAwBmg0BD7ATq7HVEdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&sigh=pvUrybjWtwk&label=show_ad&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2MzUxNjM3NjQwOTIMNjA4ODAwODg2ODM3QJMEUiMQDyUAADRCKAE6C3Y5dzYtdUFUX2lVQglnb29nbGVhZHNQABgB
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 30FA
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C0Op8n-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE1QJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsvhQwVd5ypTqmljiDoiQoWjOCe2t-2qA-4ksTsn_ojXeeIsSOMuAEU_ZDgikBKZXip_aQaBm0g9_fd56zgYsNExhmwe32tHRbdcgGI8m4ejCfONddE6sHJkwGyBeYsq6RhBgF1Hj4jPCGRXoxzsHArc_EOoR7pf7ihdK1u_9c5ajyDSxzsHCBAuTv4Rt9aIhiCMePmG52YFu_c9AFDg8AABPyDST7keLbRIijcC1G-3fHqOJ0Y0_pHctknf9f3n5-l9TQVRZn2z0eywSqIDuizfzP-hiQVgv0qL4p9NEkTrqIzh2_q-XgbbnmtsAE64SdzYIE4AQBkgUICBsQAhgBUAGSBQgINxAFGApQAaAGVIAH-rXrkAGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEMq3pAGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATq7HVEcITBhjuyZTvAsgTi7De4APYEwLYFAHQFQGYFgGoFgGAFwGyFx4KHAgAEhRwdWItNzA5NDY3Nzc5ODM5OTYwNhjEixc&sigh=Kga3LiItfas&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9zyCrZG9xRxFsXqyt-y6qbfw3Nbi4kw9Y93z2-NdkrTuwuVBbNgl4sSbr7JQw7dssabE-K7drGAEgEw&vt=10&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2MzUxNjM3NjQwOTIMNjA4ODAwODg2ODM3QJMEUiMQDyUAADRCKAE6C3Y5dzYtdUFUX2lVQglnb29nbGVhZHNQABgB
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

sync
eb2.3lift.com/ Frame 81E2
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?max=10&cb=71599
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/2369ca4d2b2a0cf532ecfd0480c15fd7ed08fa0a/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 24 Dec 2022 12:07:59 GMT
csi
csi.gstatic.com/
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lc1wdh5x&c=8567818601437&slotId=4283909300718.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 565F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 10:51:16 GMT
videoplayback
rr3---sn-5hne6nsr.googlevideo.com/
3 MB
3 MB
Media
General
Full URL
https://rr3---sn-5hne6nsr.googlevideo.com/videoplayback?expire=1671912479&ei=n-umY72qEMeU-gaWg5zwDQ&ip=2a03:1b20:6:f011::2e&id=bfdc3afae013fe25&itag=22&source=youtube&requiressl=yes&mh=g-&mm=31&mn=sn-5hne6nsr&ms=au&mv=m&mvi=3&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=45.069&lmt=1658518162222682&mt=1671883288&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgO4kQasM-MLsisrtEY9haP_eVCTUddSRiwXCE8D3WqywCIE9Oko36kevSPclF6G1CKtUHqPDpd2Qds2OAFgHP9j8w&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOOqNhj5HTSw9wI4GAFL8ydbbwY3sLPoLiJTr8P5jb2nAiASmiQax1JTkhxbSULXBwNc-44LwW5TjF8KhHy8A9S7cA==&cpn=uU6VDiKU1x_NP-fR
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:6::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
ca61016153cef837ad51696e9e8c9374a8c13d990868e54c250006736c2c5271
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yyzzbaby.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Jul 2022 19:29:22 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-3194163/3194164
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3194164
Expires
Sat, 24 Dec 2022 12:07:59 GMT
csi
csi.gstatic.com/ Frame AFB0
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lc1wdjcw&c=5827804630475&slotId=2913902315237.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8328
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9UYLnuumY7nhHdPkx_AP752C-AoAAAAAOAHgBAI&bg=!zM-lz4vNAAYgquz3AKo7ACkAdvg8Wg5uMRfzxBhwxKO3QFPff94rP4lQlH2vu6WP8kPINyXvTAmzjAIAAAEdUgAAAARoAQeZA44o38NZdYKBRi_GS-1swjy09en3-T0F84bnbEH4qXt47rvblyQpxHxM7zOtJNF5Nu_pKnY32oGMznDcS0CD08NUp_K8yEZwB2AeDri-nxS-Q9-J9TQFDbKv-GKm91B5pGZjeIIHbBhRqtxuR4Yvr_4G84sM5ITBEruZyaCsXhW-YU55RhG3mqSyxd3Jfxl1ah5cdosxMwQ9sQF3cOsyeiVxC5sP21SghQiNyXYKTRXQJP2luM94cSQ1bGwXJedUx1WAQXNMEXITD5u7CTbUnYG7pdOCYRlRoaHvnr2PpGqcMhltoIe9R7_qWlwabpXJKWyjReLu7uy_4NMmoogjMwFo7hkRuoGdZfousuj5awEil15hZTkQqBYYyNDKluYr2-Rq08LitElSvfP3g8u8Q9nlQkpZbp_1ey-JNOcv1oq7bgoOluzOPBbKsNpYfGKpudXrmYp4EFI7xnLjbriYFpITh9TsZGAgTJQC-YN4E964W1QPUiSBaBt7e5fVuKJfnAtSXNz-r1YXcH5Zqmj27wuPCreaCqhD9Z5Yh-rTW-lEwSSuGnM4zvXQqwJym9Kw30Nw1Ve1YenASMXYlcaIlwiIyk33LFXc8v7b6Mgh6l_zDxYP9QTVqEKYdde_UbK52aXPzipGVTeFtXA3kxgs3ThFKFzDgRli7Ldzs7U7zNzNbMojIEOFddrR0widh10tXY5mAo4KamWcH103UG5YWuhgM2MDxH59jKw5VYuaKteNsPrrPhNybqVImRaKpyHP_OlZtqLkQ0xQRNuwnF6yJ5sUGA-beb-rSsqCaiytdOMOKYRa2AhVQPiMaJmht0xV0SNIUcgOP-A0BPG_mmrYcDTjqOiu8m1efa9Sm4Foe2FLYU6x7p1JLGMUFpv31_2evLXVgojTp1X19IkmL0zJLI7VoTJn9iZy9A6mly2s_O5zrHXnqBk9FlqcbuSddWpeQ2am3CAmQjPPIdLnc_lkAW3UTm6r5SBb4iRi--Rp1LYWy9FeBo5s8njho70_U7siEN0lotsfjwl6FHm8vOfaAs4PE5cKkfC1Ed1uLG8Fry2vJBi_jVlMDl90QHG2qgzc0waBEshzZywL1HJg6ssqHk7oV4-vqJA1EyMqM8JOP1cBsInFyrhWdFTBgfXCO6dpwY_DqOES2WtBkPEa8eyW9Eo4Kx92admodgLOYQ0DFoVQ81nA22tpH8WcGwgmLhnY
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AFB0
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lc1wdjcy&c=5827804630475&slotId=2913902315237.5&fb=simid_trueview&fbv=1.0.0&gqid=n-umY8v8AdaOjuwPov6f4A0&qqid=CJzTr4ackvwCFZjUdwodR-8MTA&sdkv=h.3.549.0&sei=44748969%2C44750824%2C44765701%2C44768716&simid_ssss=unknown&simid_trvc_e=ep&met.4=vss_tr.41
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AMLnZu8UW8h0d8JSP5cYPdeGpATlNnGqQ_W-3FUjTfmvLw=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame AFB0
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AMLnZu8UW8h0d8JSP5cYPdeGpATlNnGqQ_W-3FUjTfmvLw=s48-c-k-c0x00ffffff-no-rj
Requested by
Host: www.yyzzbaby.com
URL: https://www.yyzzbaby.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
81ab472b1dce1d9c9963902ee0077de0a2e13d75c8e82a6f38da84e6718ced7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:04:37 GMT
x-content-type-options
nosniff
age
3802
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
fife
etag
"v2865"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 11 Dec 2022 10:43:11 GMT
csi
csi.gstatic.com/ Frame AFB0
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lc1wdje7&c=5827804630475&slotId=2913902315237.5&fb=simid_trueview&fbv=1.0.0&gqid=n-umY8v8AdaOjuwPov6f4A0&qqid=CJzTr4ackvwCFZjUdwodR-8MTA&sdkv=h.3.549.0&sei=44748969%2C44750824%2C44765701%2C44768716&simid_ssss=unknown&simid_cturl=1&simid_cturi=1&simid_fs=0&simid_ns=adHandles&simid_vda=1&simid_vd=0-0-800-450&simid_ap_aturl=0&simid_ap_f=TRUEVIEW&simid_ap_is=1&simid_ap_it=1&simid_trvc_e=s_pi
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/
510 KB
510 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
6ef107460a18e1b8831508b76794eab5a7c94a9a7e8c06f109a8f315db4aad84

Request headers

Referer
https://www.yyzzbaby.com/
vdoai
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=1161652-1683539

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Sat, 30 Jul 2022 00:41:28 GMT
Server
nginx/1.20.1
ETag
"62e47e38-13305090"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 1161652-1683539/321933456
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
521888
Expires
Sun, 24 Dec 2023 12:07:59 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sat, 24 Dec 2022 12:07:59 GMT
Expires
Sun, 24 Dec 2023 12:07:59 GMT
Server
nginx/1.20.1
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68511dbc2989f9330b3d03ae127d1abb4a2b2389d06454ef4ba51ce352e82d3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11018
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBon3n-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE1AJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsnhTQjWR1Yfh9bkJuejOYvwtQQVFz1a094Uu2gsTZhXfiJeyORC9yxHFlR04HKZVSSB1DKhm0jNDfd3tIaog35luTwm22QXUudsiExspN-SCfz9SoEKkH00_zyxWYR61mhxgFIXkNj_CEsHnEzcDAWMwwOYR7UP0XhtK1Tvyp5qjy-C-Gs3CB1_cn5Tq_pY5z2jCIgyyNbVDtefClAUwpQAp23UxsVP5bWZWjRXlSNMpOafWp-9_QJkwNxaunxJUVi4o7fPohvDP0yo8DCBmixu88kQTOvQDWqLI9AJdDQFCD7B2xvXqJNe0ewATrhJ3NggTgBAGIBZqNje5BkgUICAMQAhgBUAGgBlSAB_q165ABqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcBqAgB0ggRCIDhgBAQARgdMgKqAjoCgECxCSaK9JMTQa0JgAoDmAsByAsB0AsPuAwBmg0BD7ATq7HVEdgTAtgUAdAVAZgWAagWAfgWAYAXAQ&sigh=pvUrybjWtwk&label=video_ad_loaded&sdkv=h.3.549.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2MzUxNjM3NjQwOTIMNjA4ODAwODg2ODM3QJMEUiMQDyUAADRCKAE6C3Y5dzYtdUFUX2lVQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 30FA
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 14:03:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511449
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 14:03:50 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 30FA
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C0Op8n-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE1QJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsvhQwVd5ypTqmljiDoiQoWjOCe2t-2qA-4ksTsn_ojXeeIsSOMuAEU_ZDgikBKZXip_aQaBm0g9_fd56zgYsNExhmwe32tHRbdcgGI8m4ejCfONddE6sHJkwGyBeYsq6RhBgF1Hj4jPCGRXoxzsHArc_EOoR7pf7ihdK1u_9c5ajyDSxzsHCBAuTv4Rt9aIhiCMePmG52YFu_c9AFDg8AABPyDST7keLbRIijcC1G-3fHqOJ0Y0_pHctknf9f3n5-l9TQVRZn2z0eywSqIDuizfzP-hiQVgv0qL4p9NEkTrqIzh2_q-XgbbnmtsAE64SdzYIE4AQBkgUICBsQAhgBUAGSBQgINxAFGApQAaAGVIAH-rXrkAGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEMq3pAGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATq7HVEcITBhjuyZTvAsgTi7De4APYEwLYFAHQFQGYFgGoFgGAFwGyFx4KHAgAEhRwdWItNzA5NDY3Nzc5ODM5OTYwNhjEixc&sigh=Kga3LiItfas&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9zyCrZG9xRxFsXqyt-y6qbfw3Nbi4kw9Y93z2-NdkrTuwuVBbNgl4sSbr7JQw7dssabE-K7drGAEgEw&sdkv=h.3.549.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

B27029422.324843224;dc_trk_aid=517134159;dc_trk_cid=164403333;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMImo2N7kGoAsa45wGwAouw3uADQDsQ3ODkAQgMc5cwz4M1897PAzp0Cyc=;ord=35108...
ad.doubleclick.net/ddm/trackimp/N485604.3473192DV360_PH_DE/ Frame 30FA
42 B
533 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N485604.3473192DV360_PH_DE/B27029422.324843224;dc_trk_aid=517134159;dc_trk_cid=164403333;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMImo2N7kGoAsa45wGwAouw3uADQDsQ3ODkAQgMc5cwz4M1897PAzp0Cyc=;ord=3510831703;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=6833333406763186245;dc_av=520;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?gclid=EAIaIQobChMInNOvhpyS_AIVmNR3Ch1H7wxMEAEYASAAEgIOi_D_BwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C72Bzn-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE0QJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsnhTQjWR1Yfh9bkJuejOYvwtQQVFz1a094Uu2gsTZhXfiJeyORC9yxHFlR04HKZVSSB1DKhm0jNDfd3tIaog35luTwm22QXUudsiExspN-SCfz9SoEKkH00_zyxWYR61mhxgFIXkNj_CEsHnEzcDAWMwwOYR7UP0XhtK1Tvyp5qjy-C-Gs3CB1_cn5Tq_pY5z2jCIgyyNbVDtefClAUwpQAp23UxsVP5bWZWjRSFT_pVFOyCYaVoFkCn5c6I9WLy8F6S4sdWiWVPXwCwJIQFJTWsVOLoMlC7ORBToLxSsg3mv9JpREx99wATrhJ3NggTgBAGIBZqNje5BoAZUgAf6teuQAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOrsdUR2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=kCIqFhwBWxk&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679686%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.18%26t%3D1671883679461&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2MzUxNjM3NjQwOTIMNjA4ODAwODg2ODM3QJMEUiYQDyUAADRCKAE6C3Y5dzYtdUFUX2lVQglnb29nbGVhZHNI3QFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvM3-1D_6LlANAG-29Uj0lBObnPMfPD0A3cLiDrWHQSOtcaxo2YKw_amj-5oYtIC_AqxIJiJErL1oT7ta6l0_A0fvuHQSeg0HCN9e5OMAVKBj4v5wm8lTvVN4890wWlweGH5WgGZIY3gQNRatwN04ATC1HTxajw4O1H&sai=AMfl-YT1wAdJ6o5UHa9ekHoVBhoS1t22XfD6VPJ4yyUQntWn6RZ2c5AEpnWex4eIT_tS3h5gh7s8Qw2aL5oa81D7LkdMFcW7iiWsjf2YZnGnY-v_JIBHWF7xWP0s-8paOA&sig=Cg0ArKJSzEjBLgzoZIdyEAE&cid=CAQSOwDq26N9zyCrZG9xRxFsXqyt-y6qbfw3Nbi4kw9Y93z2-NdkrTuwuVBbNgl4sSbr7JQw7dssabE-K7drGAEgEw&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679687%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1671883679461&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=6833333406763186245&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679687%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1671883679461?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 30FA
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679687%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1671883679461?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C72Bzn-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE0QJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsnhTQjWR1Yfh9bkJuejOYvwtQQVFz1a094Uu2gsTZhXfiJeyORC9yxHFlR04HKZVSSB1DKhm0jNDfd3tIaog35luTwm22QXUudsiExspN-SCfz9SoEKkH00_zyxWYR61mhxgFIXkNj_CEsHnEzcDAWMwwOYR7UP0XhtK1Tvyp5qjy-C-Gs3CB1_cn5Tq_pY5z2jCIgyyNbVDtefClAUwpQAp23UxsVP5bWZWjRSFT_pVFOyCYaVoFkCn5c6I9WLy8F6S4sdWiWVPXwCwJIQFJTWsVOLoMlC7ORBToLxSsg3mv9JpREx99wATrhJ3NggTgBAGIBZqNje5BoAZUgAf6teuQAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOrsdUR2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=kCIqFhwBWxk&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679689%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1671883679461&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2MzUxNjM3NjQwOTIMNjA4ODAwODg2ODM3QJMEUiYQDyUAADRCKAE6C3Y5dzYtdUFUX2lVQglnb29nbGVhZHNI3QFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 30FA
42 B
494 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679689%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1671883679461?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C72Bzn-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE0QJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsnhTQjWR1Yfh9bkJuejOYvwtQQVFz1a094Uu2gsTZhXfiJeyORC9yxHFlR04HKZVSSB1DKhm0jNDfd3tIaog35luTwm22QXUudsiExspN-SCfz9SoEKkH00_zyxWYR61mhxgFIXkNj_CEsHnEzcDAWMwwOYR7UP0XhtK1Tvyp5qjy-C-Gs3CB1_cn5Tq_pY5z2jCIgyyNbVDtefClAUwpQAp23UxsVP5bWZWjRSFT_pVFOyCYaVoFkCn5c6I9WLy8F6S4sdWiWVPXwCwJIQFJTWsVOLoMlC7ORBToLxSsg3mv9JpREx99wATrhJ3NggTgBAGIBZqNje5BoAZUgAf6teuQAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOrsdUR2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=kCIqFhwBWxk&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679691%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1671883679461&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2MzUxNjM3NjQwOTIMNjA4ODAwODg2ODM3QJMEUiYQDyUAADRCKAE6C3Y5dzYtdUFUX2lVQglnb29nbGVhZHNI3QFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%...
ade.googlesyndication.com/ddm/activity_ext/ Frame 30FA
42 B
107 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D45000%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883679691%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.18%26t%3D1671883679461?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
logger
analytics.vdo.ai/
0
321 B
XHR
General
Full URL
https://analytics.vdo.ai/logger
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns555277.ip-54-39-16.net
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yyzzbaby.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=14&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=video_loaded&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=496161021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33904
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=15&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview_match&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=84982106
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33904
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=16&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview_match&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=381493220
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33904
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 565F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKcUen-umY736A66NjuwPz8uySAAAAAA4AeAEAg&bg=!fX6lfjrNAAYgquz3AKo7ACkAdvg8WojvmewKQ-TLjK5lgaJY-Nw3dKNXAfB3-Bg6nVh-jX853IEX-gIAAABwUgAAAAJoAQeZA15D29nvEZe6QH6sN_GznSL3aKKzf9AIFlALUS2pnSxMCBiTG4ZnhhED_5PhXVnsFskPBYktwVdI0TDwVEVhccnfh_bow3WD3XMK1temPcK0JzneTfuRX9dQu7PErBMqRAx-0FhqWLjBqs1p5lXSfrhTMawixRR66tyrWqyHKOQFDxQlwRhETlTppz30St86QgyE8d9CyW5FomyG2c2XaXOGSzcjkj-GixrcEBky5HuNyEqh75FIQiQtv50LoWzuMr-2AvHW4ZqZaB2Xv8vz6AGSJZIboa6Hku-kLX4Hytj5u7oqX1ii7YX2amwJz2DVM_27yW2_B6s44g4k1Hx2xcJfwl7yXJm1lj2fsx_Q7xPewAGhrnQSp2_LDIlu8CRoojTBDNkNxY2Q31_eLepT2YYfTgO6PU-amc5DicIPkM0fCPH9WpSp0YHzw9bhy4FiuBVhclp8fbr7d5ke4nUbpdAVGmtcN86PCrdu6Gjmy9omL9c3SPMqZ8tdYSe38prQhKlLeSVwdC4fcUbVOBsgT2KvhlH0EaSiRh4afUvv2XKkdiDrVoqv073OkH8XsRyhPi3GMVMAMEwyi2-MNVolKokrMAKcJ0UKEDjoHamdqzr_D7O9AR1F3iTSsUaE5KtPEnhlzikO_B85nVwa_VGo8qPZMCRMnSm3Fr_PVut9JTQ6-Sx8Xq-2RmwQOhoUMVkL6XdQsopYnInJbNyZCSjqiNqpkdSl-KB47JLx48AUZVK8fT6vIgOiODHED-9BTiRlbpE-VzgibICE__O0zR3v8Ki8mAJ_dxpeROoOqX0hVmdB2axB2BwVBllfZCxKLjK5Ijg4biOTzi5qR4ZiDn7u5JhLmejriMPEEOZq9e9xVw0DkSlHu13ioadYk6qqtb-iu6Q1ePTk-rq2SXxTp8nYPCOsKAYevd7T-h8eQiTfQG6ad2q2RI-sZMcGI-SGiVjVwdEHgj6k7GKMkDfj1-n_S8abA1gXUy_CW6cpBj8stWKqGq2w3PICJU8ySwG5HbXWY9IGiaMgdWMRXrBFta1VxxWLMFKv3s-cKgkbR17Cxb4tG2BR85jqBC3vVreQA25LYVgzvsvaG6hfNmw2w-74dKmEorVu9N8eL9GTP0ztrkgFpEQHljUpl2-Pki1NbUQd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:07:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071222
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 12:07:59 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 70F8
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7839
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 09:57:20 GMT
expires
Sun, 24 Dec 2023 09:57:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame 70F8
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 10:51:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2F1
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9814
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 09:24:25 GMT
expires
Sun, 24 Dec 2023 09:24:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5009
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7179da419f5e94b8a11b24fff676d049d56e23f43f11b899470b052a48c118ec
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SS1ZldjLPZHaaT2s0wddbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-SS1ZldjLPZHaaT2s0wddbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:07:59 GMT
expires
Sat, 24 Dec 2022 12:07:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/
474 KB
474 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
22553f1d94455c4c330848568251cd9fe263a34b2f17ed640a1378c02ff7cb18

Request headers

Referer
https://www.yyzzbaby.com/
vdoai
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=1683540-2168579

Response headers

Date
Sat, 24 Dec 2022 12:07:59 GMT
Last-Modified
Sat, 30 Jul 2022 00:41:28 GMT
Server
nginx/1.20.1
ETag
"62e47e38-13305090"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 1683540-2168579/321933456
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
485040
Expires
Sun, 24 Dec 2023 12:07:59 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sat, 24 Dec 2022 12:07:59 GMT
Expires
Sun, 24 Dec 2023 12:07:59 GMT
Server
nginx/1.20.1
sodar
pagead2.googlesyndication.com/pagead/ Frame 5009
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=2455065715707127&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame D2F1
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 10:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Dec 2023 10:51:16 GMT
truncated
/ Frame 30FA
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
playback
s.youtube.com/api/stats/ Frame 30FA
0
0
Image
General
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&el=adunit&cpn=uU6VDiKU1x_NP-fR&docid=v9w6-uAT_iU&ver=2&cmt=0.220&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fimasdk.googleapis.com%2Fjs%2Fcore%2Fbridge3.549.0_en.html&len=45.000&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=108.0.5359.124&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 70F8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.549.0&bgai=Bb4-Kn-umY9yHBJip3wPH3rPgBAAAAAA4AboFEwiLyK2GnJL8AhVWh4MHHSL_B9w&bg=!5-Sl5KDNAAYgquz3AKo7ACkAdvg8WpEAmn6kZlodZPVzSPVODTLXKkN1osoqTK_8REFAdWKijUYquQIAAABWUgAAAAJoAQeZAqJSjHVpdewcv_j5PfZS0mHk7bS4D8mCE2aYuHvgthrkkFXK7rWey8gQEWm272eYPT9qfWu1K_2nYH7sCt8bS_dnXIFPIjCgWukYgI5n-u-kKX-CiVRDX4DdiJgtmlBjy9q0uxOm0sEx_kWjHjy8_w8lXOBZ6fraScnM8aoxXzPkDIyl57dAI2xW0lHJgILcUVGtXmJjFWP-pgg4ahnXWatp3eTmAydi5EzZuXpEzdgZYIKy1cBKv4ts-VoIRsuuXRlUApdgynAtpZsn1vvFc1p-T_vUWp2DdA7Bu0SHtg98vE14xwI3xPf3f7EHa_O9tX-aBkjP6hAm4SRthSrMgetntpL_QCIEVxBQnEBie7cITM3vSMtvU_zn6LaWQhNmkWnNH7PV0bDHF3bE-SnUUBE7flI9V3n4QEdfS6EjCS3F7V7rl3d08XfamukY4ErXoXajEwrkTdopjLjdBVwPaHrYgGve_s_sVutagSVFPNmxIsmdjEE7bJd81ig0P1763CTUf1GecwJIR3i4KBfpDhqh6Wy18aapDW4Eg0RLzdzHo6bCppcPL7vYVCM-_D7O-OC6DTvN69pvCvDCO0YHWPP7S85kg-ncnwWtONw8wbTP971LWYUZ7mVH0QYexuB0aJE_sDQwuKB3FdGj9YmJCt9tqp_ygDLZUV4Xa-f1dKnPb9jttv-yfL9unodouRH251-UiHZVfn-B4LDd2gYeGSlIRrGw2XOCtz_-B9xgzWDutbS4ASZlOQpmyQOEzRpRS26YO9y0LwSut1bBoXSfz_AOp4t27CwhWDlJX5o1fgHuNt9Iy08EbXvUoOrAmhkIhqukfecAsib89lL8HlGqrRtHcjxRwPheinCTHTANyRU2iRSF1SQd10XZva02ZfmW2C0MRw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D2F1
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?EHZ6HA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ev
eb2.3lift.com/ Frame 7939
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ev?inv_code=adasia_allpublishers_display&aid=3704257862038289135010&rev=2369ca4&pr=Y6brngAFYaUK4DEWAAKHTilMVqwrjNgngttkrQ&bc=0.049&bmid=5989&biid=6021&sid=106025&brid=498733&adid=421730024&crid=25975648&ts=1671883678&bcud=49&ss=5&caid=0&unid=0&cepos=0&ceid=0&cb=36007
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/
510 KB
511 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
8aa63ed53e6e4390677fd9b471bc163a58d6f2c16792619539da4d46d8e3bf32

Request headers

Referer
https://www.yyzzbaby.com/
vdoai
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=2168580-2691031

Response headers

Date
Sat, 24 Dec 2022 12:08:00 GMT
Last-Modified
Sat, 30 Jul 2022 00:41:28 GMT
Server
nginx/1.20.1
ETag
"62e47e38-13305090"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 2168580-2691031/321933456
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
522452
Expires
Sun, 24 Dec 2023 12:08:00 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sat, 24 Dec 2022 12:08:00 GMT
Expires
Sun, 24 Dec 2023 12:08:00 GMT
Server
nginx/1.20.1
activeview
pagead2.googlesyndication.com/pcs/ Frame FA87
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqoECueSleKcvRVodOWJvFgn4P2zexrRAj2SITwF-m9AEWC4PJ0BpoVBFMLGh7bAfboq1qTuel4RNIp_kXiz6VMBxWPzeipVFNT_hBgO63EL_h7vucLSi7l_GcnctjO7G4YfMgFg&sai=AMfl-YQJSjfjbNiuc9tradA0DfgJmX0JQYRuNfJBhmhtioT23Cscvt-TeG5XTNiZ-tj48njlD0f23-TH4KYQ5kU3UAEL40kaV0sWwNyaZVTG3WinkXAhQ6aOsmiBeu9CIg&sig=Cg0ArKJSzKurJxTbNEzqEAE&cid=CAQSOwDq26N9aBKJT-3W-4dN2qDrfJtMWoj_O6e8u-qOLOlkeeNq2fCmnCAX7KndpQztnQ7UmpOGm1e_O2dLGAEgEw&id=ampim&o=436,571&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=559&tls=1559&g=100&h=100&tt=1559&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/
451 KB
451 KB
XHR
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Requested by
Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash
e7c29a6aafafa891b8ed82a4a604629789ba94f8715a95e651f734b6dd705305

Request headers

Referer
https://www.yyzzbaby.com/
vdoai
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=2691032-3152383

Response headers

Date
Sat, 24 Dec 2022 12:08:00 GMT
Last-Modified
Sat, 30 Jul 2022 00:41:28 GMT
Server
nginx/1.20.1
ETag
"62e47e38-13305090"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Content-Range
bytes 2691032-3152383/321933456
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
461352
Expires
Sun, 24 Dec 2023 12:08:00 GMT
1648451910386241614604bf3.ts
h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/ Frame
0
0
Preflight
General
Full URL
https://h5.vdo.ai/media_file/v-yyzzbaby/source/uploads/videos/1648451910386241614604bf3.ts
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.235.114.204 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5018842.ip-15-235-114.net
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
vdoai
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Sat, 24 Dec 2022 12:08:00 GMT
Expires
Sun, 24 Dec 2023 12:08:00 GMT
Server
nginx/1.20.1
activeview
pagead2.googlesyndication.com/pcs/ Frame 38F8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEpG8dXCzS8BXoTsOnUBV7LnRiBWiNw5OAfvRNtIOXXLDjim3IpMsvdWYo57vW6egXTdqQbMNAF7NJfrT_UAk2I1DK2a1bhNI&sig=Cg0ArKJSzEsrRFs4zqe4EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671883679035&rpt=390&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7939
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPoOof7gu74qEcgNsDmonxDpIoVMbkHUNlenQVC3EUcLzwbPpiyFe1MtzuKBaxRQM4BGC4jtlzPypFvslohIB1CzlY&sig=Cg0ArKJSzBuwXm3Q-W-KEAE&cid=CAASF-RoUQSV_xoAAVEFGfj3y88gL_N_IGZY&id=lidar2&mcvt=1002&p=1110,436,1200,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=390099101&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671883678670&rpt=811&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=2455065715707127&bg=!-vml-b3NAAYgquz3AKo7ACkAdvg8WpFbJIrLhU2TJfLjxwENnp8UlS5wXwFkDTrCMuFngASvu_Z1CAIAAAB3UgAAAAJoAQeZAtcRDpI-grSS4BO--YWWVKRuqawjJo9QerNPGYG-6WEOxCxcNewQj5sxjbnVMiYjHRpXmncfCOnLO6wD3tUA1qQ9A8mJsHwz92DQJotGioXYOvjv2JUn6CSJWE8XhD3Hqwzt7OXlVVbZMLkqeTbHhLHrWPwtzg6SYqe8XFM-mOvVjscThFP7DUhXNeURg_El7aDCSgMaD2VvKwq5bmsIdDM9tQj2FXdMSQGHhsPC0rDZCuiAaY7UVjKcFQ_8qQeRYoUcx1D_SqBueZLHhNgQL5oUy8NdZcIyyP-ie2u9kGvqmBssRHdOoGi46PYdZdCK4tpveWSVczfSxQUFDeh3mmbOxLo1AYT6BkZV-Smubj1pXWnOx4eR7iRYiHFQN7RIAOv2OCorlimtgRxV5QoDprwk7dFVuD9C25PBku_z1XlkaaMwT5tHMyYXtGTZxu_uv5PMo_tj8YGU15Jr__K8wx7MDeFr9S1SLf0G5PENDfiCvJNLjSn3wIbxrqGr1NxprWnMrnc0ncdDPaOhhsLGUGzabjHsdpyErj7JLXHsaNNJSS8j0qQQrzAo1f9wqjX9YltdDFRuQ6yln7puA7LzhktvN8nFqDxz95Gv1fI5eRKNsH5_ReiC2ZTgryeryvYgfWDzYz4PN4h7WH_KazHhEAFJXawcQNJZI28MkgQwwcf40G5trX3P83xdxPeLa2xPrtYQv3KzmXbM2fxEON1noupZkElAg3J7o-85ui02SCF1IFmQ5fzN5lAvbeJ3SKQdeJ1uXD00w4kONmNFQjPndWIQxjkxfZ9lOqGjDMI_tGxtLVh7TOrpoN8-R5uAYcYJwpuiEKBA7r4WC5ZZ_6yFRFbkuJnQDMkPjfD59h7tgTEMJvN0wn5tUU1vCc16fZlSbpTJ8l5H7FeZrjImFcyplj6VXfQVwfsHwsAebsDQzUe4rICjLEiUaILi2RfNqGRuCP0DLtA0z9nK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame AFB0
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lc1wdjeq&c=5827804630475&slotId=2913902315237.5&fb=simid_trueview&fbv=1.0.0&gqid=n-umY8v8AdaOjuwPov6f4A0&qqid=CJzTr4ackvwCFZjUdwodR-8MTA&sdkv=h.3.549.0&sei=44748969%2C44750824%2C44765701%2C44768716&simid_ssss=unknown&simid_mds=-1000&simid_trvc_e=s_psc&met.4=vss_pp.ds
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lc1wdjbo&c=8567818601437&slotId=4283909300718.5&met.4=hvd_lc.lc1wdjbo~hvd_ad.lc1wdjbo~hvd_mad.lc1wdjbo~hvd_admu.lc1wdjbo~hvd_src.lc1wdjbo&ps=800x450
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=358926428&t=event&_s=17&dl=https%3A%2F%2Fwww.yyzzbaby.com%2F&ul=en-us&de=UTF-8&dt=YYZZ%20Baby&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=impression_video&el=v-yyzzbaby&_u=aEDAAUABCAAAACgCI~&jid=&gjid=&cid=285876916.1671883677&tid=UA-113932176-41&_gid=710856035.1671883677&gtm=2oubu0&z=1463457378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33906
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvM3-1D_6LlANAG-29Uj0lBObnPMfPD0A3cLiDrWHQSOtcaxo2YKw_amj-5oYtIC_AqxIJiJErL1oT7ta6l0_A0fvuHQSeg0HCN9e5OMAVKBj4v5wm8lTvVN4890wWlweGH5WgGZIY3gQNRatwN04ATC1HTxajw4O1H&sai=AMfl-YT1wAdJ6o5UHa9ekHoVBhoS1t22XfD6VPJ4yyUQntWn6RZ2c5AEpnWex4eIT_tS3h5gh7s8Qw2aL5oa81D7LkdMFcW7iiWsjf2YZnGnY-v_JIBHWF7xWP0s-8paOA&sig=Cg0ArKJSzEjBLgzoZIdyEAE&cid=CAQSOwDq26N9zyCrZG9xRxFsXqyt-y6qbfw3Nbi4kw9Y93z2-NdkrTuwuVBbNgl4sSbr7JQw7dssabE-K7drGAEgEw&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D2043,0,0,0,0%26mtos%3D2043,2043,2043,2043,2043%26amtos%3D0,0,0,0,0%26mcvt%3D2043%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2043%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D637%26pst%3D433%26dur%3D45000%26vmtime%3D1805%26dtos%3D2043%26dtoss%3D1%26dvs%3D2032%26dfvs%3D2032%26dvpt%3D2032%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883681723%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2043,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1671883679461
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=6833333406763186245&acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D2043,0,0,0,0%26mtos%3D2043,2043,2043,2043,2043%26amtos%3D0,0,0,0,0%26mcvt%3D2043%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2043%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D637%26pst%3D433%26dur%3D45000%26vmtime%3D1805%26dtos%3D2043%26dtoss%3D1%26dvs%3D2032%26dfvs%3D2032%26dvpt%3D2032%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883681723%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2043,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1671883679461?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D2043,0,0,0,0%26mtos%3D2043,2043,2043,204...
ade.googlesyndication.com/ddm/activity_ext/ Frame 30FA
42 B
63 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=6833333406763186245;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26tos%3D2043,0,0,0,0%26mtos%3D2043,2043,2043,2043,2043%26amtos%3D0,0,0,0,0%26mcvt%3D2043%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2043%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D637%26pst%3D433%26dur%3D45000%26vmtime%3D1805%26dtos%3D2043%26dtoss%3D1%26dvs%3D2032%26dfvs%3D2032%26dvpt%3D2032%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883681723%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2043,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.18%26t%3D1671883679461?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.yyzzbaby.com%2F&domain=www.yyzzbaby.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=r6f1SnxUYzhZVUZvRkFzNXNPTERWRWJaQmlhd3pWMWd2RG9GLzE5VnJjK0xkWHhObGlSRWVmbU0xMy9KajlpLy8zQk5zdUFpSlFKcUZQQ0Zob25FQzRiNSs0WXk3UVlMdGxVVEV5ZFEvQzNENFFvS1o4U3l0S0lONGpmVn...
418 B
692 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=r6f1SnxUYzhZVUZvRkFzNXNPTERWRWJaQmlhd3pWMWd2RG9GLzE5VnJjK0xkWHhObGlSRWVmbU0xMy9KajlpLy8zQk5zdUFpSlFKcUZQQ0Zob25FQzRiNSs0WXk3UVlMdGxVVEV5ZFEvQzNENFFvS1o4U3l0S0lONGpmVnFzTUdaNFYxcVQrV1ZtcElReW8xd2VSVlRvWG1zWWlQdUVRLzgrOGdVRE5EUElRaG9qYVM2Skh0bGZ6N051R3JtaUJpRldIZzg2c2QxM0FOTmV4aDZkTi9mdEN4bWMzV0tvejJoa1lLSlhyOHBxOHk2bVR1VlZpWXRVQkFRZ1gvUFhUTTVKdEgyQ1pHL2tSTXQ3SFoxUHp1ZVdXalFZcmQ1c1JrWC9oc2w3TjZoMTVwYVZuST18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0eae48e93a133ad5179f0a6512d4ffb73ef903b3c3f0f1a42d0e37dc67184392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1936809
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=r6f1SnxUYzhZVUZvRkFzNXNPTERWRWJaQmlhd3pWMWd2RG9GLzE5VnJjK0xkWHhObGlSRWVmbU0xMy9KajlpLy8zQk5zdUFpSlFKcUZQQ0Zob25FQzRiNSs0WXk3UVlMdGxVVEV5ZFEvQzNENFFvS1o4U3l0S0lONGpmVnFzTUdaNFYxcVQrV1ZtcElReW8xd2VSVlRvWG1zWWlQdUVRLzgrOGdVRE5EUElRaG9qYVM2Skh0bGZ6N051R3JtaUJpRldIZzg2c2QxM0FOTmV4aDZkTi9mdEN4bWMzV0tvejJoa1lLSlhyOHBxOHk2bVR1VlZpWXRVQkFRZ1gvUFhUTTVKdEgyQ1pHL2tSTXQ3SFoxUHp1ZVdXalFZcmQ1c1JrWC9oc2w3TjZoMTVwYVZuST18&cppv=2
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
517260
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.yyzzbaby.com%2F&domain=www.yyzzbaby.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.yyzzbaby.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.yyzzbaby.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 12:08:02 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
435868
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 660D
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153817
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sat, 24 Dec 2022 12:08:03 GMT
expires
Mon, 26 Dec 2022 06:51:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FDB2
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60271
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 12:08:03 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
100, 327182
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220040-HHN
X-Timer
S1671883683.292421,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame EF11
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 12:08:03 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 32F0
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU3VM41V&prvid=2034%2C2033%2C2031%2C2030%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C9%2C208%2C2055%2C3020%2C173%2C251%2C175%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2022%2C182%2C141%2C222%2C10000%2C228%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0138e023c3eb18b740540c0a0c5485730715c4336190fa4c7114834d1bce2902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8267
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 12:08:03 GMT
expires
Mon, 26 Dec 2022 12:08:03 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync
eb2.3lift.com/ Frame 5F4F
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/7735/prebid_2022_12_16_11_20_4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.yyzzbaby.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sat, 24 Dec 2022 12:08:03 GMT
pixelSync
pixel-sync.sitescout.com/dmp/
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 24 Dec 2022 12:08:02 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie
cm.adform.net/
43 B
105 B
Image
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:03 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
  • https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-D8qGPaBE2uHs4vom6KmpGOt1ui1LJcIBmDpcRBM-~A&gdpr=0&gdpr_consent=
0
459 B
Image
General
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-D8qGPaBE2uHs4vom6KmpGOt1ui1LJcIBmDpcRBM-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.93.93.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-93-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

location
https://a-prebid.vidoomy.com/setuid?bidder=verizonmedia&uid=y-D8qGPaBE2uHs4vom6KmpGOt1ui1LJcIBmDpcRBM-~A&gdpr=0&gdpr_consent=
date
Sat, 24 Dec 2022 12:08:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
a-prebid.vidoomy.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3947707574299169722
0
426 B
Image
General
Full URL
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3947707574299169722
Protocol
H2
Server
54.93.93.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-93-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
vary
Accept-Encoding, Origin
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 12:08:03 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
57b5a2a9-65a3-417e-83f2-5831a18a91f9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=3947707574299169722
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=c2614d24-d5bc-49e3-b08d-ca5569fe04c9
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=vidoomy&bsw_custom_parameter=c2614d24-d5bc-49e3-b08d-ca5569fe04c9
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=aee1031c-7cdd-4bdd-a927-b2b64b1dd078&ssp=vidoomy&expires=30&user_group=5&bsw_param=c2614d24-d5bc-49e3-b08d-ca5569fe04c9
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c2614d24-d5bc-49e3-b08d-ca5569fe04c9
43 B
466 B
Image
General
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c2614d24-d5bc-49e3-b08d-ca5569fe04c9
Protocol
H2
Server
54.93.93.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-93-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.yyzzbaby.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:03 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c2614d24-d5bc-49e3-b08d-ca5569fe04c9
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 660D
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66520961&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c7f6406d90a70c8fff0730f0307e5960b5267cb2c97fa93506842290711eb0db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 12:08:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 1294
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:989163a6-eba0-4900-882f-4601cb76453c&gdpr=0&gdpr_consent=
42 B
325 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:989163a6-eba0-4900-882f-4601cb76453c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 24 Dec 2022 12:08:03 GMT
Expires
Sat, 24 Dec 2022 12:08:02 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:989163a6-eba0-4900-882f-4601cb76453c&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 0080
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=615023845212102004
42 B
193 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=615023845212102004
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=615023845212102004
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7EAC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 12:08:02 GMT
expires
Sat, 24 Dec 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1628158
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2933
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 24 Dec 2022 12:08:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
PC9JC0HG8Q9EGMVFE7XN

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 24 Dec 2022 12:08:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
F4V75NJN9VHHKFC7ZQR7
Pug
simage2.pubmatic.com/AdServer/ Frame 7985
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3947707574299169722&gdpr=0&gdpr_consent=
42 B
297 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3947707574299169722&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
a1bbb0e7-3692-450a-82dc-dfce60bcb2f0
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Dec 2022 12:08:03 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3947707574299169722&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 4046
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf
42 B
341 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 24 Dec 2022 12:08:03 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 4BF3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180685719748933776&gdpr=0&gdpr_consent=
42 B
323 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180685719748933776&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 24 Dec 2022 12:08:03 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7180685719748933776&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 660D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P3Z7Z1EGRlSPX482oORdGA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:03 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=153817
accept-ranges
bytes
content-length
5554
expires
Mon, 26 Dec 2022 06:51:40 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 660D
95 B
382 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3F767B67-5106-4654-8F5F-8F36A0E45D18
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77e9385cad3abbce-FRA
access-control-allow-headers
*
content-length
95
qmap
sync.crwdcntrl.net/ Frame 660D
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3F767B67-5106-4654-8F5F-8F36A0E45D18&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-211-146.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.21
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 660D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=611868835
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3F767B67-5106-4654-8F5F-8F36A0E45D18
0
277 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3F767B67-5106-4654-8F5F-8F36A0E45D18
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
via
1.1 google
last-modified
Sat, 24 Dec 2022 12:08:03 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3F767B67-5106-4654-8F5F-8F36A0E45D18
date
Sat, 24 Dec 2022 12:08:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 660D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y3NjdCNjctNTEwNi00NjU0LThGNUYtOEYzNkEwRTQ1RDE4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 660D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC3Jj8zo3BEik71W02eJX6U&google_cver=1
42 B
297 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC3Jj8zo3BEik71W02eJX6U&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC3Jj8zo3BEik71W02eJX6U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 660D
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 23 Dec 2022 12:08:03 GMT
generic
match.adsrvr.org/track/cmf/ Frame 660D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 660D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5463142829037364157
42 B
219 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5463142829037364157
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5463142829037364157
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
3F767B67-5106-4654-8F5F-8F36A0E45D18
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 660D
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3F767B67-5106-4654-8F5F-8F36A0E45D18?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:17a1:3e8:dac1:363e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 660D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3F767B67-5106-4654-8F5F-8F36A0E45D18&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GzIz59BE2uUYR3IgCMwnlaZjYSFK7Ho-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GzIz59BE2uUYR3IgCMwnlaZjYSFK7Ho-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GzIz59BE2uUYR3IgCMwnlaZjYSFK7Ho-~A&gdpr=0&gdpr_consent=
date
Sat, 24 Dec 2022 12:08:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 660D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2614d24-d5bc-49e3-b08d-ca5569fe04c9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
184 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2614d24-d5bc-49e3-b08d-ca5569fe04c9&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c2614d24-d5bc-49e3-b08d-ca5569fe04c9&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=r6f1SnxUYzhZVUZvRkFzNXNPTERWRWJaQmlhd3pWMWd2RG9GLzE5VnJjK0xkWHhObGlSRWVmbU0xMy9KajlpLy8zQk5zdUFpSlFKcUZQQ0Zob25FQzRiNSs0WXk3UVlMdGxVVEV5ZFEvQzNENFFvS1o4U3l0S0lONGpmVnFzTUdaNFYxcVQrV1ZtcElReW8xd2VSVlRvWG1zWWlQdUVRLzgrOGdVRE5EUElRaG9qYVM2Skh0bGZ6N051R3JtaUJpRldIZzg2c2QxM0FOTmV4aDZkTi9mdEN4bWMzV0tvejJoa1lLSlhyOHBxOHk2bVR1VlZpWXRVQkFRZ1gvUFhUTTVKdEgyQ1pHL2tSTXQ3SFoxUHp1ZVdXalFZcmQ1c1JrWC9oc2w3TjZoMTVwYVZuST18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 24 Dec 2022 12:08:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
471609
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame FDB2
0
863 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:08:03 GMT
AN-X-Request-Uuid
225eb148-953e-46ff-a174-62557e18d106
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EF11
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
83ca0319ef45d9c77d544b1559e685f05c266b8009a4b9db93c0bb6b4ff78c0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 12:08:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Dec 2022 10:50:53 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81770
Connection
keep-alive
Content-Length
10067
Expires
Sun, 25 Dec 2022 10:50:53 GMT
pixel
cm.g.doubleclick.net/ Frame EF11
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ4MWU5OWI4Mjg3YmUxYTM4YjY3ZjBkNzBkZmJkNWNjMjYzOGM3Yg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ4MWU5OWI4Mjg3YmUxYTM4YjY3ZjBkNzBkZmJkNWNjMjYzOGM3Yg
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmQ4MWU5OWI4Mjg3YmUxYTM4YjY3ZjBkNzBkZmJkNWNjMjYzOGM3Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame EF11
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EF11
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxV0RIQTYtMUMtTTFVTg==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxV0RIQTYtMUMtTTFVTg==
Protocol
H3
Server
142.251.39.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxV0RIQTYtMUMtTTFVTg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame EF11
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5iSk1RvcSiysRB24uuymlQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5iSk1RvcSiysRB24uuymlQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5iSk1RvcSiysRB24uuymlQ
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:08:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MGQR7BWKYVGMPHHDVCTJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=5iSk1RvcSiysRB24uuymlQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EF11
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OgBcQPnqLk1aF_ShlvV6GMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ioXhuNRE2oItbsI0bqNRozXZ7jZ1cTlo4Wo35A--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ioXhuNRE2oItbsI0bqNRozXZ7jZ1cTlo4Wo35A--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 24 Dec 2022 12:08:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ioXhuNRE2oItbsI0bqNRozXZ7jZ1cTlo4Wo35A--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame EF11
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1WDHA6-1C-M1UN
0
706 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1WDHA6-1C-M1UN
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0C84A328B4804421BEE80075387F039C Ref B: FRAEDGE1521 Ref C: 2022-12-24T12:08:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkcERvc/HYuqYdYo1qw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1WDHA6-1C-M1UN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EF11
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=T57XCnRfSEWqSrU5E6nd0w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T57XCnRfSEWqSrU5E6nd0w
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T57XCnRfSEWqSrU5E6nd0w
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:08:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XT84JA8YFK62982HQZZT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=T57XCnRfSEWqSrU5E6nd0w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EF11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGSK9umQeDICf2eIRJHNAuU&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGSK9umQeDICf2eIRJHNAuU&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGSK9umQeDICf2eIRJHNAuU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame 1E0B
1 B
377 B
Image
General
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?224808575-6882479;4082875;0-310-0-5471457E13125D-911208567-0x0x50x0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:08:03 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 12:08:03 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame 4ABF
1 B
377 B
Image
General
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?224808575-6882479;4082875;0-310-0-54719E56D09C10-766331152-0x0x50x0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:08:03 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 12:08:03 GMT
pixel.gif
px.moatads.com/ Frame 4189
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=8&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRIPLELIFT1&ol=275522191&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-NiIrBeoFGpG4fz6GF1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-9G8YTaADD%2Bh2gA%3D%3D&sc=1&os=1-AA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.yyzzbaby.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.yyzzbaby.com&lp=https%3A%2F%2Fwww.yyzzbaby.com&t=1671883678573&de=316409543895&cu=1671883678573&m=5409&ar=67fa5e2a4e8-clean&iw=b667516&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&lf=309&lg=1&lh=49&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A1400%3A403&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5194&cd=50&ah=5194&am=50&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=7207%3A39761%3Aundefined%3A10&bo=5989&bd=yyzzbaby.com&gw=triplelift879988051105&zMoatOrigSlicer1=5989&zMoatOrigSlicer2=470044&zMoatTactic=undefined&zMoatPixelParams=aid%3A45304938713870492186720%3Bsr%3A10%3Buid%3A0%3B&zMoatJS=3%3A-&hv=Triplelift%20Override%201&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&jm=1&tc=0&fs=201243&na=1043234084&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 24 Dec 2022 12:08:03 GMT
ft.stat
stat.flashtalking.com/reportV3/ Frame D590
1 B
377 B
Image
General
Full URL
https://stat.flashtalking.com/reportV3/ft.stat?224808575-6882479;4082875;0-310-0-5471A0FFDE97AD-259222545-0x0x50x0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-47.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:08:04 GMT
Last-Modified
Thu, 28 Jun 2012 14:38:09 GMT
Server
AkamaiNetStorage
ETag
"c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type
text/plain
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1
Expires
Sat, 24 Dec 2022 12:08:04 GMT
async_usersync
ib.adnxs.com/ Frame FDB2
0
863 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 12:08:04 GMT
AN-X-Request-Uuid
304425e2-f995-4cc2-a7dc-6c2492acb284
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 30FA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C72Bzn-umY9yHBJip3wPH3rPgBLaNpItu2YrGobMQ4-SDpa4kEAEgrNaJRmCV4pCCoAegAe7JlO8CyAEFqQJsf92vI9CxPuACAKgDAZgEAKoE0QJP0Gs7cYpO4shnryDyc94F6vnOksGCtrv2-nyU-dmfPI3uiSwe404iMu2LxBJq_uBsrjHgN3azDbOe0q4y6oikPnG2NxzfBUEctJ0fWmdAuiC82OpIpo5V4s-B6HTIamUlAWDs-0iPZmlsnhTQjWR1Yfh9bkJuejOYvwtQQVFz1a094Uu2gsTZhXfiJeyORC9yxHFlR04HKZVSSB1DKhm0jNDfd3tIaog35luTwm22QXUudsiExspN-SCfz9SoEKkH00_zyxWYR61mhxgFIXkNj_CEsHnEzcDAWMwwOYR7UP0XhtK1Tvyp5qjy-C-Gs3CB1_cn5Tq_pY5z2jCIgyyNbVDtefClAUwpQAp23UxsVP5bWZWjRSFT_pVFOyCYaVoFkCn5c6I9WLy8F6S4sdWiWVPXwCwJIQFJTWsVOLoMlC7ORBToLxSsg3mv9JpREx99wATrhJ3NggTgBAGIBZqNje5BoAZUgAf6teuQAagHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOrsdUR2BMC2BQB0BUBmBYBqBYB-BYBgBcB&sigh=kCIqFhwBWxk&cmd=Ch1jYS12aWRlby1wdWItNzA5NDY3Nzc5ODM5OTYwNhAAGAI&label=video_skip_shown&ad_mt=5258&acvw=sv%3D941%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D119,400,569,1200%26p0%3D119,400,569,1200%26tos%3D5293,0,0,0,0%26mtos%3D5293,5293,5293,5293,5293%26amtos%3D0,0,0,0,0%26mcvt%3D5293%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5293%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1437%26pst%3D433%26dur%3D45000%26vmtime%3D5257%26is%3D275%26i0%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5293,5293,5293,5293,5293%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D1394%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D28,0,0,0,0%26avms%3Dexc%26qi%3D140424604%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1671883676710%26ptlt%3D1671883684973%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,5293,0%26ss0%3D0.18&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.18%26t%3D1671883679461&sdkv=h.3.549.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU2MzUxNjM3NjQwOTIMNjA4ODAwODg2ODM3QJMEUiYQDyUAADRCKAE6C3Y5dzYtdUFUX2lVQglnb29nbGVhZHNI3QFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 12:08:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 660D
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:08:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVhjua4FqM8FtKxWlXjwXwllStP0DV9LcERT0tTjP-UXwfjDDZN5ODUGQ7a1gdWxg5qDR9os4WCZscTeS-JdbpEl0frc1msfYkG7lCb2gyvYVDyTDN0u4R4vn28cpe1Ff27aUlIw&sai=AMfl-YT4MvdigOVDVRi_bdOlYWmexiRum5PWFQiopaF-hiEMKK3zP12mjaCvCHcFbckv0U9nLZU8MXHPQBLi4fKDbmL6Nn0W5AHendBRePcdesj-kzIKPFmkasNz8vbda3DANfqbCCAnGlv_Q6vNy-w&sig=Cg0ArKJSzFp1HUWSp0ZeEAE&cid=CAQSSwDq26N9YLBl0kR1Rb8knyYftDeWIwaQ6ndOziN6FGRBYjoR_sZv-3NSciuU8F-Q-rfXr1Gale6qL6ecsOkVFHQ2lxg5gB83-zu3fBgBIBM&id=lidartos&mcvt=264&p=572,436,662,1164&mtos=264,264,264,264,264&tos=264,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=847536670&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1671883677557&rpt=909&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontentvisibilityautostatechange function| $ function| jQuery object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS object| PWT object| atspbjs object| _hmt string| vdo_analyticsID function| vdo_analytics function| logPixel object| requestObject function| logError object| w_vdo object| d_vdo function| insideSafeFrame object| dataLayer object| vdo_ai_ boolean| vdoHlsUrl string| GoogleAnalyticsObject function| vdo_ga function| initVdo object| google_tag_manager object| google_tag_data object| atspbjsChunk object| _pbjsGlobals object| mnet object| Criteo object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| ggeac object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| vdoCompanionGptSlot number| refreshInterval boolean| vdo_companion_event object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| vttjs function| WebVTT function| vdo_videojs object| pbjs_vdoChunk object| pbjs_vdo string| nobidVersion object| nobid string| vdo_lastLocation object| closure_lm_520710 number| apploadingmetrikayt object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady boolean| _bdhm_loaded_717591447bd95ee9eb6b80570e688fc0 object| mini_tangram_log_n2uask object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_ba function| sync16589_b undefined| sync16589_c undefined| sync16589_ca undefined| sync16589_d function| sync16589_e object| sync16589_g function| sync16589_da function| sync16589_ea object| sync16589_ object| sync16589_ha object| sync16589_o object| sync16589_ta object| sync16589_K function| sync16589_aa function| sync16589_a function| sync16589_f function| sync16589_h function| sync16589_i function| sync16589_j function| sync16589_k function| sync16589_ga function| sync16589_fa function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_p function| sync16589_ia function| sync16589_ja function| sync16589_r function| sync16589_ka function| sync16589_s function| sync16589_t function| sync16589_q function| sync16589_u function| sync16589_la function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_y function| sync16589_z function| sync16589_A function| sync16589_B function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_C function| sync16589_ma function| sync16589_G function| sync16589_H function| sync16589_na function| sync16589_oa function| sync16589_I function| sync16589_J function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_L function| sync16589_M function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_Q function| sync16589_R function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_Z function| sync16589_X function| sync16589__ function| sync16589_Y function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_3 function| sync16589_8 function| sync16589_ua function| sync16589_4 function| sync16589_6 function| sync16589_va function| sync16589_wa function| sync16589_9 function| sync16589_7 function| sync16589_5 function| sync16589_xa function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_$ function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea object| lotame_sync_16589 object| zfgstorage object| z0uzhgap0iq object| zfgformats function| onClickTrigger boolean| zfgloadedpopup object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_132 object| Criteo_identitytag_132 object| pbjs function| setImmediate function| clearImmediate object| regeneratorRuntime object| ox_esp object| closure_lm_897653 number| vdoCompanionRefreshTimer object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

80 Cookies

Domain/Path Name / Value
www.yyzzbaby.com/ Name: PHPSESSID
Value: 6p5111bvne0mmqhc27ejapenc7
.www.yyzzbaby.com/ Name: lrgarden_lang
Value: en
www.yyzzbaby.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.yyzzbaby.com/ Name: _ga
Value: GA1.2.285876916.1671883677
.yyzzbaby.com/ Name: _gid
Value: GA1.2.710856035.1671883677
.yyzzbaby.com/ Name: _gat_gtag_UA_113932176_41
Value: 1
.rubiconproject.com/ Name: khaos
Value: LC1WDHA6-1C-M1UN
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoQXm0tUMEXIT5APvdogVCbaTd6KyMQnaub55ZO9yeic5EFDkSx01tD5q4NFxcQjzVScVXYQls1sOBxGCOXoSK1pN9XcvuOONvc6UO785F0Pw==
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: CD16C349AB9BC349
.youtube.com/ Name: YSC
Value: lO_b1ViVtRE
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: mqJsL_1J380
.yyzzbaby.com/ Name: Hm_lvt_717591447bd95ee9eb6b80570e688fc0
Value: 1671883678
.yyzzbaby.com/ Name: Hm_lpvt_717591447bd95ee9eb6b80570e688fc0
Value: 1671883678
.yyzzbaby.com/ Name: lotame_domain_check
Value: yyzzbaby.com
.yyzzbaby.com/ Name: __gads
Value: ID=063d8549da2ec36e:T=1671883677:S=ALNI_Mah_MM0gB9B42eIIS4Z9oVuKH1ZCw
.yyzzbaby.com/ Name: __gpi
Value: UID=00000b97ec4af742:T=1671883677:RT=1671883677:S=ALNI_MazEHmG0MMzfNW-fCupP09-h2jL2A
.criteo.com/ Name: uid
Value: bf94c799-e5f5-4dbf-914d-5699bfe1aa31
.doubleclick.net/ Name: IDE
Value: AHWqTUnfkyKXCYKyZ7GgqpwYb9dlUTIRk-JoYuFdLp1UzJSNlRvoLYYdMWvQPaK_Sdw
.openx.net/ Name: i
Value: a2a72147-570e-45a4-a9a8-5f34f35308b7|1671883678
.doubleclick.net/ Name: DSID
Value: NO_DATA
.vtracy.de/ Name: tr_dt
Value: 2022-12-24+13%3A07%3A58
.vtracy.de/ Name: tr_id
Value: vi-25bc84e2-726b-4108-98f2-63755cb83e60
m.exactag.com/ Name: exactag_new_gk
Value: 18894a5588c7421aa260356655ce02f8%7C22.02.2023%2012%3A07%3A58
m.exactag.com/ Name: exactag_new_uk
Value: c166f65c24984a4f916330d7a841333c%7C
m.exactag.com/ Name: session_session
Value: 0bb3bff62b3946e689b0db8e
.casalemedia.com/ Name: CMID
Value: Y6brngDy3T.SrBxh72BEjQAA
.casalemedia.com/ Name: CMPS
Value: 5133
.casalemedia.com/ Name: CMPRO
Value: 5133
.casalemedia.com/ Name: CMTS
Value: 1212
.w55c.net/ Name: wfivefivec
Value: jOCuwdkt1P93jM5
.simpli.fi/ Name: suid
Value: 10EA215385C54622BB76DD2713459AB8
.adfarm1.adition.com/ Name: UserID1
Value: 7180685719748933776
.w55c.net/ Name: matchcasale
Value: 5
.vtracy.de/ Name: tr_aasd_pm_dach
Value: 2022-12-24+13%3A07%3A58
.mathtag.com/ Name: uuid
Value: 989163a6-eba0-4900-882f-4601cb76453c
.bidswitch.net/ Name: tuuid
Value: c2614d24-d5bc-49e3-b08d-ca5569fe04c9
.bidswitch.net/ Name: c
Value: 1671883679
.bidswitch.net/ Name: tuuid_lu
Value: 1671883679
.vtracy.de/ Name: tr_gsd_pm_dach
Value: 2022-12-24+13%3A07%3A59
.quantserve.com/ Name: mc
Value: 63a6eb9f-2125b-d2f02-51098
.bidswitch.net/ Name: google_push
Value: AavPq0PymMKJcLp5VXs7JkqDigh6TSZ14R3JApy20h1f4mDcnm4sVgprR95E6de6uWdM4ybmzxsoV1iCtnnc_877lGsxtlnlHJbb
.yahoo.com/ Name: A3
Value: d=AQABBJ_rpmMCEApXkGUeGZYnnfu1PwKybkkFEgEBAQE9qGOwYwAAAAAA_eMAAA&S=AQAAAlRiN0cDIh7MBVq4ZRuFJeo
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3F767B67-5106-4654-8F5F-8F36A0E45D18
.adnxs.com/ Name: uuid2
Value: 3947707574299169722
.blismedia.com/ Name: b
Value: 63A6EB9F6113405E4DDBD9F8BLIS
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU)mAg/>!]tbPl1M>e)ZlrFUfJ+tGXxpCHjhSQDY]#OB)x4iDV15VESbp8Zsn8w_kjZh3If)y3KL9D3I?+Db/$ar
.tribalfusion.com/ Name: ANON_ID
Value: a9nseFs2aF9pAJsbYL7LZdvZaqFXY4FXjRyqOEXE3prk6OCsEGbQZcAjtmCTTsRS11HHO5EWMPWkk5EBtLGRfH4
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158497:3
.pubmatic.com/ Name: DPSync3
Value: 1673049600%3A201_227_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1672704000%3A63%7C1673136000%3A35%7C1673049600%3A161_54_8_251_220_21_13_7_56_3_71%7C1674432000%3A203%7C1672444800%3A223
.quantserve.com/ Name: d
Value: EI4BDgHxJ4EO-TA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2910:195v~2910:18z8~2910"
.zeotap.com/ Name: zc
Value: 2c40a5ab-4b1e-4d15-655a-680206f3ff73
.rqtrk.eu/ Name: browser_id
Value: 1:db402730-d504-4aba-934c-fbcf1425fc56
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7180685719748933776&KRTB&23278-7180685719748933776&KRTB&23369-7180685719748933776
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3947707574299169722&KRTB&23339-3947707574299169722
.pubmatic.com/ Name: PugT
Value: 1671883683
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:989163a6-eba0-4900-882f-4601cb76453c&KRTB&16736-uid:989163a6-eba0-4900-882f-4601cb76453c&KRTB&23019-uid:989163a6-eba0-4900-882f-4601cb76453c&KRTB&23208-uid:989163a6-eba0-4900-882f-4601cb76453c
a-prebid.vidoomy.com/ Name: SSCookie
Value: 1
.vidoomy.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ2ZXJpem9ubWVkaWEiOnsidWlkIjoieS1EOHFHUGFCRTJ1SHM0dm9tNkttcEdPdDF1aTFMSmNJQm1EcGNSQk0tfkEiLCJleHBpcmVzIjoiMjAyMy0wMS0wN1QxMjowODowMy4zNDQ3NDQwMzRaIn19LCJiZGF5IjoiMjAyMi0xMi0yNFQxMjowODowMy4zNDQ3NDExMThaIn0=
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c2614d24-d5bc-49e3-b08d-ca5569fe04c9
.de17a.com/ Name: guid
Value: 1.615023845212102004
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf&KRTB&19420-Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf&KRTB&22979-Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf&KRTB&23403-Z_XX4DSkj7B89IfkZKSbsmOghuR884fmaP57Jztf
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEC3Jj8zo3BEik71W02eJX6U&KRTB&16514-CAESEC3Jj8zo3BEik71W02eJX6U&KRTB&23025-CAESEC3Jj8zo3BEik71W02eJX6U&KRTB&23386-CAESEC3Jj8zo3BEik71W02eJX6U
.adform.net/ Name: C
Value: 1
.yyzzbaby.com/ Name: cto_bundle
Value: Xgvphl9oVHl1TzNCVUlNMjZPUnl1ZmZPQW5TdllsSFoyaVBmUzhnbmthRyUyQjZ3MWZNdzNnQlFSZkZrUTJ5MVRPQzV6UlBYaVJOTGc5MWFHWlhYMFVRcTNYNWxzVlBVWWxPOTRqazFUVXR5ZEd1UFpkVkVhenZLOWN0enFYd1ZLRTduYUowejQ0SkloaGZmUFY2eDFqUzVPc2dudyUzRCUzRA
.yyzzbaby.com/ Name: cto_bidid
Value: dVacVF93SnQ5TjkwUXFJcWdPYzJzellEZUkzdzFqJTJGTmd6VVVsdDIwTE5kQjZGaXJQWGlVeHZpdDZyaiUyQlZLNnBqQSUyRkZyWDV1bXhsUlJzJTJGRnV5TG9aeW9mc0g3SHd5aHZpaFZtbUJjTGtGNEx6YXFRJTNE
.weborama.fr/ Name: AFFICHE_W
Value: oNi-xl30SjSg12
.pubmatic.com/ Name: SPugT
Value: 1671883682
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-615023845212102004
.adform.net/ Name: uid
Value: 5463142829037364157
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5463142829037364157&KRTB&23263-5463142829037364157
.creative-serving.com/ Name: tuuid
Value: aee1031c-7cdd-4bdd-a927-b2b64b1dd078
.creative-serving.com/ Name: c
Value: 1671883683
.creative-serving.com/ Name: tuuid_lu
Value: 1671883683
.amazon-adsystem.com/ Name: ad-id
Value: A6XoNmrKO0AQjnkOvaP0oiI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImMyNjE0ZDI0LWQ1YmMtNDllMy1iMDhkLWNhNTU2OWZlMDRjOSIsImV4cGlyZXMiOjE2NzQ0NzU2ODN9fX0=

9 Console Messages

Source Level URL
Text
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ads.pubmatic.com/AdServer/js/pwt/1006845/8989/pwt.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://z.moatads.com/triplelift879988051105/moatad.js(Line 137)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3F767B67-5106-4654-8F5F-8F36A0E45D18&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

232126bf5c2c01524e7b5436ebc00378.safeframe.googlesyndication.com
a-prebid.vidoomy.com
a.teads.tv
a.tribalfusion.com
a.vdo.ai
a.vidoomy.com
a4338.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-events.flashtalking.com
ad.doubleclick.net
ad.yieldlab.net
ade.googlesyndication.com
ads.creative-serving.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
analytics.vdo.ai
anymind360.com
bcp.crwdcntrl.net
bedrapiona.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.flashtalking.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cr.frontend.weborama.fr
csi.gstatic.com
d.vidoomy.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
geo.moatads.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
h5.vdo.ai
hbopenbid.pubmatic.com
hm.baidu.com
ib.3lift.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.lrgarden.com
inklinkor.com
js-sec.indexww.com
m.exactag.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prebid.media.net
prg.smartadserver.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px.moatads.com
red.vtracy.de
reypelis.tv
rr3---sn-5hne6nsr.googlevideo.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s.youtube.com
s0.2mdn.net
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stat.flashtalking.com
static.criteo.net
sync.crwdcntrl.net
sync.mathtag.com
tags.crwdcntrl.net
targeting.vdo.ai
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ups.analytics.yahoo.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
www.yyzzbaby.com
x.bidswitch.net
yt3.ggpht.com
z.moatads.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
103.235.46.191
104.109.57.2
13.248.245.213
13.32.99.28
13.41.112.146
13.41.244.204
139.45.197.234
141.95.33.111
142.250.180.226
142.250.185.198
142.250.186.98
142.251.39.2
15.235.114.204
151.101.129.108
151.101.129.55
162.19.141.161
172.64.151.162
172.64.154.237
178.250.0.163
178.250.2.146
178.32.210.227
18.66.97.88
184.30.20.22
184.30.20.47
185.170.63.50
185.29.132.241
185.64.189.115
185.64.190.77
185.64.190.80
185.80.39.216
185.89.210.244
198.47.127.20
2.17.245.32
2.18.233.180
2.18.37.133
205.185.216.10
213.155.156.164
23.37.42.132
2600:9000:2250:c600:a:e047:752:5701
2602:803:c003:200::31
2606:4700:10::6816:1857
2606:4700:10::6816:3556
2606:4700:20::681a:2e3
2606:4700:20::681a:854
2606:4700:3030::ac43:d31d
2606:4700::6810:5714
2606:4700::6812:18ad
2606:4700:e0::ac40:6803
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c00::71
2a00:1450:400d:805::200e
2a00:1450:400d:808::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2002
2a00:1450:400e:6::8
2a00:1450:4019:80d::2003
2a02:2638:1::3
2a02:2638::1c
2a02:2638::24
2a05:d018:d29:3602:17a1:3e8:dac1:363e
2a06:98c1:3121::3
3.121.53.43
3.124.135.253
3.126.56.137
34.102.146.192
34.107.148.139
34.111.129.221
34.111.131.239
34.120.135.53
34.91.62.186
34.96.105.8
34.98.64.218
35.186.253.211
35.71.131.137
37.157.3.30
37.157.6.233
52.29.214.155
52.29.215.64
52.46.130.91
52.59.97.181
54.229.195.56
54.39.16.115
54.73.211.146
54.93.93.30
67.220.228.202
69.173.144.139
69.173.144.165
85.114.159.93
85.14.248.71
96.16.132.239
98.98.134.242
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0138e023c3eb18b740540c0a0c5485730715c4336190fa4c7114834d1bce2902
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06a7a4aaf7d24fe25c456fd70efb10c13a63b0dc9563de6f9278e57ffeaf1549
07093f511458f36f0c0d3422c628cdfb0a6edf449762bf4993b7f9b4c4d60dab
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
0a30a6b65c41c70772e7cb14c88c2b7c9bbd617147f04c74e333638f1eb46b00
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eae48e93a133ad5179f0a6512d4ffb73ef903b3c3f0f1a42d0e37dc67184392
0f16f24b66ab2f8d364f360596dd838468383673c7d67a7cb8c0886b121d7f3f
0ffeb07223d185f5aa0ea14081ee9c86d8a98b77ca6f2d82c207dcbda7dc6657
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
14f01a2aacbbf6e8a1c478b6ec257753335ebafc85e9648bc98e4aa8fd182150
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17acb3e35c480f440a8da6988c21f764d28514ec8854cb0d15761aa732c032a4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e3b4ab6b2ab006e1018912fcb7eb99f9afdb18598b71158be4751327e80a8a7
1ea06b223dd402e83dc8207f0c48b1b3ec7148c9f9e9d9956071cc1c7493b473
217bf8dfd4bc7f055e294046da98d137fcf0651b36e1b6e88469080b186b8876
22553f1d94455c4c330848568251cd9fe263a34b2f17ed640a1378c02ff7cb18
24290643ea43476bfa1726627006849784d64855ad9aaa0ab8d71126f3e1fdf2
2755f8fb12b0fe84bcdffde2932bb003db9271cccdc97d2b63ba7bc0bac4fb02
2854ee6c8bcefae5af92a25ec828db621fe0994f01e1afa0c3240c9cd8c2b53f
2a8101f11114ca87d824533fb4736871a34d4987a07e9c327c6365e3fed667e5
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2c53bdf8ce054fec6b12a00b59590cbf4b16db24970dbb3fdb0664ea3d635885
2dd59e2bd6e6dc473d4e0df661276c855fa19e965241e999efa903c96581d161
2f542e969c79b4ae3e03954481a961001a66096a6ca43ba4df2af140ce99bef0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
307cc96dc20a8c27c9a8798f07a45e9009dca9a309a852c3e4c7e114f4c1ec7b
312f9a35c3e594216f8ee311d915c5342c50246d4c82eeb62012ca3e1b389eab
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3204c081baa8c5037a27a2f1b82517e726f1d64923a3498b1799363fd8dbe72a
34f32b0e530a8ede0753fb1b2a54dba3f8e03edc3dfc1f5f6cbabd9d018c415f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
374b556b4b1a745a1694a0cb9aae4ce31bf10508f2af944173af7339a47ebcd9
390ecb6c9f6f98cdbef1b99cfab9bfc10223a8ed125b81e4d4cdc64838c61013
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6de88fab8d42c6d2cd1463bdfc7c04ea208984c2bd4001da3a567c169cb1ce
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404e8cfc4fc8d0f06b1f744aa470d001d26f2daaca3a9a9b1072f509f09557f6
468907f51d74e48ecd47d52465f954c56b978fbaf1506566b997a6d87e793b9f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495449ef2972a1894abb489bedb06ea9f4de2a9236fa1eaee0beeb59be588607
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d84c0dc0fee49ba1d62f95002673c1681cee960bc64ed67ddb4069ecd6753d1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
532db41f5a1087c4787573a9e0605a5981d001eb412aec57cbe7113f8b334eb7
535ab67187aba8c401c2506c6aa002e66387bad5efc8839e55bb5466e4107a41
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e4659c23e4a26d918573426b16dbd6a8c0525237d3e49b1e2feab765768a38
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b3114e86007b6bd1f03f16a0e8783792d324cd4b3fb6905f8c00b21f1faa93
576203c50b573fb2c705bfe9f0789e676d66d0d597cb11ea0c7ac4bdba4845d6
58de19b9b52f611b37f9842712aba148a24854dd26c7851a88e34faf1be8d477
5ab1b0a057d2bd20012562459bc3bad3b1ca065f4a566cf988fa180ef5f78513
5eb488082a08298e66073f680152a04417fdf118c67745c389223142c889a4aa
5f188bd596926e30a865819ba8e19e526f0c4ad77babe539688b7bb905b8faed
5f3a1784f038e4babee51af87e5a377668820cac09f9c994a8c96be1023796f1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6654a63b00bdd0bf9d5826c7ab72a84f9e5647ecd6c2ace67503456319b1838e
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
66c6a65b77e9a8ba512aa82b3d1f541c10f951539fd72099b10ea52be3892534
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
68511dbc2989f9330b3d03ae127d1abb4a2b2389d06454ef4ba51ce352e82d3b
6a77912e8fe1229d50aaa6a59e935ebd933084e3a9169c2cc250b400fc41427d
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b5ef7861572324f3e9d49c9284d10e8e582e1bc44694394afdf5bdc0e6bd0cd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce04a60c063696e0d0f34ecc37268c375958e42be80902801c798311fd9fd34
6e1be6d7aa07838a3596867380fb111875bc6e1be4fe1862d6563446748d87bb
6e7a4a5ee8eefebadc1a32ddb66d5fa6a97e3b92eb533ff172172f7ca5d9b195
6ef107460a18e1b8831508b76794eab5a7c94a9a7e8c06f109a8f315db4aad84
702b1af26958fe0b2bfb3689d1438a9846209bb76343049a48f6a92b691a6b30
7064222dda30364ef7ad969521cbf75891b23b6c6b697e1685ab799d9b8550a9
7179da419f5e94b8a11b24fff676d049d56e23f43f11b899470b052a48c118ec
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16
776f17cd31d68310982a0a8fbbf0c1699ee98edeea10428b7fa9a26fe954d208
77820b3fdeb559c7105dc2ea853a959b6452edbb8ee77f840cf9b422215f245c
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
79e86049a33a4706f4e46501c1268f61536aa9ed3943113c308076b2403c53f4
7d2e3f0f8f846d781a15b9a95828e0d503ea231c0b7f65d883e6d6d16b8c1d4f
7ec2b29096b119e0d33066f109b86bd25438f02717af7003af528941f932b8b2
7f7e482b3ff63b1236b09e88dcca137dda8be0173960109c3ce96ebc19794e18
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80cfb7e3c871391d862a62cbe884e880054d4eec2a1a9d0584780f71843f61f5
81491ddf5323b14471a6c51eb7f9a6cdaf353d38ad4433d350e31aa6c12c9a37
81ab472b1dce1d9c9963902ee0077de0a2e13d75c8e82a6f38da84e6718ced7d
82463ea172654963701647923a9556b3ac722c65f17d94877407553adbd94bc9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83768c7f0d6eb72f1cb72d0a5d1f9ae35d315c79c16e3dece2db317497c3bb49
83ca0319ef45d9c77d544b1559e685f05c266b8009a4b9db93c0bb6b4ff78c0f
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86da92138feec7e4c98ea16945ee8ab227a04cd3aa0a38fcb1a990777b638e0e
896065599d162442f45106ffece970d68db172c0b8f671c4cf3c4560ba381525
8a0cbf8ef2220ce5f03b50666488811c3b118a7b29ef1b06ee28f563cd029b38
8aa63ed53e6e4390677fd9b471bc163a58d6f2c16792619539da4d46d8e3bf32
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6d697fe302923a307416328b42656c9fee161661cd6ea5fbc8a5d34a13e022
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
9847db39a8a4a7cf193c8941e5eeaa5c5f575fdbdabfb1a0ef369f10cdf59354
98b6e4dd8a8673c207030be6e44d440b5794ae8da9c44c58c1cab8ef15e053c1
99bba4a59cda8325295ef7b7c6d963654b38a4ae035bfeba1db07410d0085773
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9bc037bd21b64c738431daeb5b7657d4f87039a1fa5dfffb5b7ffaa8c2e5ae31
9c0bb96e373b6b52fc25ec3cf9688542c2a2e28b96abcdb174e3d9b3b9a1b737
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
9d57b09e07b91dd0cb8d16facdd08366d8e024253edbcd48c9d66409981ee5c1
9e4198838093f8141f5365cda089d0f7a80b213db5df754b4c3a3760234fc8fc
9ed516ef3950eb7cbfa73503874351e8d279279bb013cb6f6e2bda637ead7cbf
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fe4261bb70be8a59c1f208863c34bb29082f78ab96f81bb7696ee2c72b7954
a1616a86a0e40e78fe8337e37e8857cdcbd5904d9db0bd407aa7cf68a24940e8
a22c68c3919bc17cc40d16b4f03777eb997258ad0a2c6040099978451a5110ef
a2cef147f59ba3c90ea2d5a2d4897f9c126b5d71b472d5625cd484fa232ef0c1
a43c7dbe1ba1ff9d4698bc3fe9e894c59075c0a4dc27ba86522095180fcf5407
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a82bf22c844d10d55df025c24025bf464dc175da5f439fa0411cb10e953c4e8d
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a9924d42491609faed097bf67ef5d7f62638831061c17d69097a91c4c60088a3
ab79d75854050d545dc226e87d89007670f6904ee0fbfec6568d41e8c8e2076c
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
ad3a7717de7d3df6c1bddc599b5dfe15a71d3fe2b4e4249b196ec4209bc9c2f9
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
af13a30138885d11d6115eefb7429a65d839e96d829f90dde42a37ef9ef0a0d6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b335c5a59830f8cbb2f0e8dd6efa924d8021692eae705ae849149e71557ed44f
b391c9b20be2ae5c5386431f8a021c80d8b0eee8048f02b71c06c033fe92f076
b409d34b98cd33d26f4cab9115bb8cd21b7a299c6818156160e7782781e99f7c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45c3eba87d7d61a1e69f064b5534eb02b11db75408ad95b070ad55b3378cdca
b4acff4ef8d3ab6468f4ea7a30988d5a3c06a2947c7de7cb1f366f3a2c167522
b4b777bbcda5eaa3b5622eca18b80cdd90e68e031fc7dd9837f4feb0088ddf72
b50cdb72502d6a6ac4475b1147d4ba2bfdb4e375114fa31245ab1929691d90ea
b653c1bf24cad57820eb09c7955c744567fc06fb5e333634d663b9e538240097
b812885648b40e2a26eea562a823b6b59815ffbb94eb059f693e8848b2f1da95
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd59f0124fee43d4bff324feab47b2a40065aff5a924a18891a709c61de660df
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c08e765e11da22d3768a7d2d19d5dccbe2072f3d79ee41bab4bd521601bbfa0f
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3439c58be3e221294edeade9aa3f18982d1aecdeaca41576ccd5e9c51f8d616
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
c6cad571a51929df501cf37965050f9b95588f53ff99bd1d8e84e18838607b8b
c7430434f3c19cd05cffe74ec0b16c2b695f730cbde8ccb8a8f3b331d90fa753
c7c138da1fdc59bf23aa67ebdd07bbdee63b5febffff46ceeb908becfde514cb
c7d9aee23556fe305cf14f7df66640f17665da60952e09bfee209a4a3e10f336
c7f6406d90a70c8fff0730f0307e5960b5267cb2c97fa93506842290711eb0db
ca61016153cef837ad51696e9e8c9374a8c13d990868e54c250006736c2c5271
cdf83d5332fc8390324289b81ac68ba11ac89ba21d51b58506b6ceb8af2d512c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf48600ea5d1427fe7bd10d9234731c3f36265f044a9c29ef2ad8f69efbd8b87
d05a47071f5b2ac2126e07bf7a15783be0352bc951138afadb839ca98be00ee2
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2d7a6cf0b575659dff91570f7871c63a95eecc59a08b710b8fc44bd85a7b4f5
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d9caa3b8b22355ca3cf4ab4a42bde2fbcf10d7ae1f7bdeea40b92dcd51ea1907
e00548bfe15c85611f90330ee6cfa24cbed01f42e241a63bb26a4f353e3d2352
e242be2edd8eb6220661282d41f66a87ff90db36618a3f83911eb0c4777499bb
e3361a64b56f7a5ef3750a563afb7f4412ccd33d1dc6b0e422e5c7b81ff36980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6319442692dd4fc73547a3c23c0cf533ccffff8e14f9a6743bb3ebddb499313
e7c29a6aafafa891b8ed82a4a604629789ba94f8715a95e651f734b6dd705305
e802d6d22630534638a9dea69680e613749c3fd9ba8e43d03ff573122e1fb6a4
e86a38c11354c3dd3366b7736d6acd5e66fe77bfa57be6272514215ed96763b7
ea2588cf0c54b79c64e76bc4b0e91e3ab6ab959f4789940ec130a6726483bed6
ea30e5715d94e75c970f174ca4860f103557816e36fe83b24247343404582f27
eb72b1d68afdbb0f6ba7c0c429624dc01a3017b94fd25de34362ad297dd73f6a
ed964e8aa4636851968b32e78851e4c45abc2d69b14af040f4ced779af6a7285
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f598127eaff64f97312f924cba7129e164c56b2895371ce39d9db5cecf2b743b
f83b8d317eb315f598ede73d8ea5919666d323942f6bbcd0d1ece63bbd899363
f9299e6a9b1a3106e1489f974221459cf31a78258192b00cf9653f6a9df4b290
fb7ef06a5ab20566b7c26ba27665d2269a3da7bfc37373b39a8c623cf856a78d
fc6d8640aabd007b143ea654320b064a6fdeb8ed69808a626d1245a7aa6aeec7
fdbf7d69dcc7f90017540ace7c0760da7996850936385f0664eacecde7bd360f
fdd88d8f9b0e927dddc8f28d03d72cf29f41abf5e3ca3cb7f40902904754e1c7
fe201906829d5ca22866adc52b47082c334f7d2fcae6348645714d45645fa7ce
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffa4826b06f1505a9a4d31a723b1adb4c5189e0eb5cf5cd99be274afb1bfc6c9