www.zulubet.com Open in urlscan Pro
2600:9000:2156:6e00:17:8017:6440:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zulubet.com/
Submission: On October 19 via manual (October 19th 2023, 9:07:38 am UTC) from ID — Scanned from DE

Summary HTTP 163 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 20 domains to perform 163 HTTP transactions. The main IP is 2600:9000:2156:6e00:17:8017:6440:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.zulubet.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 25th 2023. Valid for: a year.

This is the only time www.zulubet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2600:9000:215... 2600:9000:2156:6e00:17:8017:6440:93a1	16509 (AMAZON-02) (AMAZON-02)
29	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	23.212.201.72 23.212.201.72	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.7.5 108.138.7.5	16509 (AMAZON-02) (AMAZON-02)
2 17	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6 8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 7	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
8	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 5	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
2	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
7	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	13.41.39.134 13.41.39.134	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.147.41 18.66.147.41	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
4	13.43.78.194 13.43.78.194	16509 (AMAZON-02) (AMAZON-02)
163	36

3 2600:9000:2156:6e00:17:8017:6440:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.zulubet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.201.72 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-201-72.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-5.fra56.r.cloudfront.net

cdn.zulubet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.27.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.84 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.238.55 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.41.39.134 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-39-134.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.43.78.194 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-78-194.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	642 KB
31	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 ad.doubleclick.net — Cisco Umbrella Rank: 173 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 286096	197 KB
17	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal900021.redintelligence.net — Cisco Umbrella Rank: 311107 hal900025.redintelligence.net — Cisco Umbrella Rank: 345434	140 KB
11	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	191 KB
8	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 51750 medialead.de — Cisco Umbrella Rank: 51384	4 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	5 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	37 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	5 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	455 KB
6	zulubet.com www.zulubet.com cdn.zulubet.com	37 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	295 KB
5	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	601 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	4 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	4 KB
2	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	2 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16179 c.statcounter.com — Cisco Umbrella Rank: 10381	15 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 3381	362 B
163	20

	Domain	Requested by
29	pagead2.googlesyndication.com	www.zulubet.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
26	tpc.googlesyndication.com	googleads.g.doubleclick.net www.zulubet.com tpc.googlesyndication.com pagead2.googlesyndication.com
17	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.zulubet.com
8	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900021.redintelligence.net hal900025.redintelligence.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	pv.medialead.de	hal900021.redintelligence.net googleads.g.doubleclick.net hal900025.redintelligence.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.googletagmanager.com	www.zulubet.com www.googletagmanager.com adv.office-partner.de
5	hal900021.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900021.redintelligence.net
5	www.googletagservices.com	googleads.g.doubleclick.net www.zulubet.com
4	api.webgains.io	analytics.webgains.io
4	8019191.fls.doubleclick.net	2 redirects www.zulubet.com googleads.g.doubleclick.net
4	hal900025.redintelligence.net	hal9000.redintelligence.net googleads.g.doubleclick.net hal900025.redintelligence.net
4	www.googleadservices.com	googleads.g.doubleclick.net www.zulubet.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net hal900021.redintelligence.net hal900025.redintelligence.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	cdn.zulubet.com	www.zulubet.com cdn.zulubet.com
3	www.zulubet.com	www.zulubet.com
2	adservice.google.com	8019191.fls.doubleclick.net
2	cdn.track.production.webgains.team	googleads.g.doubleclick.net
2	analytics.webgains.io	track.webgains.com
2	fonts.gstatic.com	fonts.googleapis.com
2	track.webgains.com	www.zulubet.com
2	adv.office-partner.de	hal900021.redintelligence.net hal900025.redintelligence.net
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	medialead.de	1 redirects
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	www.zulubet.com
1	s7.addthis.com	www.zulubet.com
163	38

This site contains links to these domains. Also see Links.

Domain
es.zulubet.com
de.zulubet.com
ru.zulubet.com
pl.zulubet.com
ro.zulubet.com
gr.zulubet.com
bg.zulubet.com
nl.zulubet.com
it.zulubet.com
fr.zulubet.com
pt.zulubet.com
cz.zulubet.com
hr.zulubet.com
rs.zulubet.com
tr.zulubet.com
hu.zulubet.com
dk.zulubet.com
se.zulubet.com
ua.zulubet.com
id.zulubet.com
vn.zulubet.com

Subject Issuer	Validity	Valid
*.zulubet.com Amazon RSA 2048 M02	`2023-06-25` - `2024-07-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
pv.medialead.de R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.zulubet.com/
Frame ID: 4C54D7727CE860A567B1DB86425CD45F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 4BE59F01CABD9A49F6C794EBA9CD5337
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&adk=1812271804&adf=3025194257&lmt=1697699253&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fwww.zulubet.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453378&bpp=5&bdt=169&idt=283&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1177806398676&frm=20&pv=2&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311
Frame ID: 78F91BA48791CF1851FAF6BF28D81E95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=280&slotname=7474555108&adk=2099416891&adf=1207574245&pi=t.ma~as.7474555108&w=790&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=790x280&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453383&bpp=2&bdt=173&idt=313&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kYFTk09gYG&p=https%3A//www.zulubet.com&dtd=319
Frame ID: 5910AD0A3B70D67239170B096B3665BB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=280&slotname=8951288301&adk=1796454816&adf=2642671560&pi=t.ma~as.8951288301&w=790&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=790x280&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=320&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Hzu08WcGwZ&p=https%3A//www.zulubet.com&dtd=326
Frame ID: 2AEEC45E52D6F38FC0480F09B5F632E3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335
Frame ID: 0653F5B26F43562F29B12B09220A5E17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWEx91KVBu5WLSiQmzUlEikPMSSa5eWuK4_1OfOnLrpc9XvUXOi03YEuZgKvO_KyTNfVPEYHchF2RUetYMuZEp7YgRuafPF_iPkWusPbmCQM-BBqFW5HvHyV4vLqx1sqbZ06Rxpy6-yvXPjbirtinMR_874tUBA03fb-IuZ0jlktzcEfzg
Frame ID: FD0AE27EC790341BA047F33339E3B40E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F5003C7A025FF1FDF6C4099D5FA5871E
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: DC73103E502B10CF92CB5DF1187ECC73
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2210C456AD0C065313C1813CB9ABCFC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXqCF2guIVKZCmKomY7v9FRtLcDPiWdz4JBx1JnoGr03toyMf7veUTZ2yRiQnsDbzhdNCRx3JEOZc-NeszF5vAgP2FsrtHAYChTYPQD6kpcReC6g1rGkB9WbYcRySzSqzWnApvRCS5FDF3THSjIu1yiRVKEzRheBZZjT6cZRWzff4ZnUBc
Frame ID: B00B94A5F79A434BB7EA18F1ECE90A9E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D02568A97FD6DB96546B74B9087BD0D5
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 029031E2F4F84E23E96BD862092AF73E
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8BF4C2C8111E4422FD35CAB89596579D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FB337FAB0CE554537489E22FAC4DCFD7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B54DA5B750B1211633E965747315120
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 40E2633C0942A292476A5ED23C1F277E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8E96FECF5A47AFE828E9049E27BBBBFD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 524BC9BCE0998B385D598B340B6DD8C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js
Frame ID: 9349A6A23065F4E8FDFCE163D67038CA
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 487BD8914D7AF030FAC61B5842DEC068
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: D4F61C80F6B5B865B2699901982E3833
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 80E819FC5B9C16C823B37C1A826BE06A
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819
Frame ID: D0FC5A4F5E3C6770ABC3E91F767F8E53
Requests: 2 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
Frame ID: 48673DCA44B7BCBD3586B1A1CE6E02EA
Requests: 9 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 3B7932F7B086876191FF45357C4469CE
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=52595300048088304444550012482025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 0FA104A87D33257B736B35ADB739295C
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52595300048088304444550012482025&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 05E54B82B091DCE48C1CE7DEF994793F
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148
Frame ID: 3F63D4DE61FDDAE96EFA87013B9B11FF
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
Frame ID: E40E7635F512A5F51343EF244D7C384A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E004597B9DAED1FE7727B1122F8505C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9CE901AD0319EC5671DD4E5ABDD0FD6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZuluBet - Soccer Predictions, Football Tips for Today

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

163
Requests

93 %
HTTPS

50 %
IPv6

20
Domains

38
Subdomains

36
IPs

7
Countries

2048 kB
Transfer

5165 kB
Size

21
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://es.zulubet.com/

Search URL Search Domain Scan URL

URL: https://de.zulubet.com/

Search URL Search Domain Scan URL

URL: https://ru.zulubet.com/

Search URL Search Domain Scan URL

URL: https://pl.zulubet.com/

Search URL Search Domain Scan URL

URL: https://ro.zulubet.com/

Search URL Search Domain Scan URL

URL: https://gr.zulubet.com/

Search URL Search Domain Scan URL

URL: https://bg.zulubet.com/

Search URL Search Domain Scan URL

URL: https://nl.zulubet.com/

Search URL Search Domain Scan URL

URL: https://it.zulubet.com/

Search URL Search Domain Scan URL

URL: https://fr.zulubet.com/

Search URL Search Domain Scan URL

URL: https://pt.zulubet.com/

Search URL Search Domain Scan URL

URL: https://cz.zulubet.com/

Search URL Search Domain Scan URL

URL: https://hr.zulubet.com/

Search URL Search Domain Scan URL

URL: https://rs.zulubet.com/

Search URL Search Domain Scan URL

URL: https://tr.zulubet.com/

Search URL Search Domain Scan URL

URL: https://hu.zulubet.com/

Search URL Search Domain Scan URL

URL: https://dk.zulubet.com/

Search URL Search Domain Scan URL

URL: https://se.zulubet.com/

Search URL Search Domain Scan URL

URL: https://ua.zulubet.com/

Search URL Search Domain Scan URL

URL: https://id.zulubet.com/

Search URL Search Domain Scan URL

URL: https://vn.zulubet.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

Request Chain 32

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDx1qfc0swVYRQAwS-eXwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

Request Chain 33

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGD32IhTxRYJaQ4fZccwhac&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGD32IhTxRYJaQ4fZccwhac%26google_cver%3D1

Request Chain 34

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

Request Chain 66

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDx1qfc0swVYRQAwS-eXwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGD32IhTxRYJaQ4fZccwhac&google_cver=1

Request Chain 68

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmope1fEwZcuSLv2M-cAP38mIgAaNxdbVc9b28bz_Efnc7cXaQBABIJvF0QlglYKAgLAHoAGDwK6VAsgBAqgDAcgDyQSqBPgBT9De7ydh11gEtNsYI_pgs3zSQcTo6ejUKi0Mw03SpOnPTeHioSh8rEoUsbnIPKFh7anEUM9bTrDLDOueMmUIS6YoVebxb8Rj5PcB2AWYJjqVqiDqSAOCw_j-h03ETXonDTuv2GA-aqlWaciW1ZXuA6cwpoe3Oxnun4HpK6r8JYHZ7Or7xwLxHt7crDh8OmB5Gof8DreVTCay_fF-HB6J_z0JHNdT8rzArUrrBuyx_3DRJPC91vG2gEYQvQVZtqr9stZigtnp8HmI2YTGDQ55Oy9OsIgFcv5VP3cBOVdH8x0h__Jv50bRIqnqjfdEOWM8IUtUqwr8okrABMmVori4BIgFwILigE2SBQQIBBgBkgUECAUYBKAGAoAH5b_R6gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCz4BTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgm2AWh0dHBzOi8vd3d3LmNvdG9zZW4uY29tL2FjdGl2aXR5L2hvdC1zYWxlLTY4MTEvP3RzcHU9U1AyMzEwMTI2UEJMLFNQMjMxMDEyV0QzNixTUDIzMDkxM1VCWTMsU1AyMzA5MjFQV0lMLFNQMjMxMDEySkdXUCxTUDIyMTIxM09BS1YsU1AyMzA3MjBLTEhQLFNQMjEwOTI1U0E1MixTUDIzMTAxMlJFVkQsU1AyMTA5MTE4Qkc5gAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTg5ODIxNTM3Mzk1MTY4MzcYAA&sigh=PZzvyqUEo1o&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNL3mmrkzfwNSIuBe7Om4iTiFdrla-eTQkqBMBgt6qXLx_5x6zmfnuGRgcn3kTNqaAFVvp1WrYeazDLrovtAqKBt_QB-lr5hgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215185676101211556728%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581672963%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217881773035992943761%22}&andc=true

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8982153739516837%26output%3Dhtml%26h%3D600%26slotname%3D8551118301%26adk%3D949524668%26adf%3D1677439725%26pi%3Dt.ma~as.8551118301%26w%3D163%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697699253%26rafmt%3D1%26format%3D163x600%26url%3Dhttps%253A%252F%252Fwww.zulubet.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697706453387%26bpp%3D1%26bdt%3D177%26idt%3D331%26shv%3Dr20231011%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C790x280%252C790x280%26nras%3D1%26correlator%3D1177806398676%26frm%3D20%26pv%3D1%26ga_vid%3D519388589.1697706454%26ga_sid%3D1697706454%26ga_hid%3D281170332%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1180%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078831%252C42531706%252C44795921%252C44805112%252C44805533%252C44805681%252C44805921%252C44805931%252C31078301%252C31078965%26oid%3D2%26pvsid%3D2704896093098797%26tmod%3D524980490%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DSRv9sLNbEf%26p%3Dhttps%253A%2F%2Fwww.zulubet.com%26dtd%3D335&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=5261103813532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8982153739516837%26output%3Dhtml%26h%3D600%26slotname%3D8551118301%26adk%3D949524668%26adf%3D1677439725%26pi%3Dt.ma~as.8551118301%26w%3D163%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697699253%26rafmt%3D1%26format%3D163x600%26url%3Dhttps%253A%252F%252Fwww.zulubet.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697706453387%26bpp%3D1%26bdt%3D177%26idt%3D331%26shv%3Dr20231011%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C790x280%252C790x280%26nras%3D1%26correlator%3D1177806398676%26frm%3D20%26pv%3D1%26ga_vid%3D519388589.1697706454%26ga_sid%3D1697706454%26ga_hid%3D281170332%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1180%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078831%252C42531706%252C44795921%252C44805112%252C44805533%252C44805681%252C44805921%252C44805931%252C31078301%252C31078965%26oid%3D2%26pvsid%3D2704896093098797%26tmod%3D524980490%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DSRv9sLNbEf%26p%3Dhttps%253A%2F%2Fwww.zulubet.com%26dtd%3D335&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=5261103813532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://googleads.g.doubleclick.net/pagead/adview?ai=CSrf51fEwZbuwLZipiQbZyarIAeX-sMhzkKywpakQ4OH78s0wEAEgm8XRCWCVgoCAsAegAbyz9rkpyAEJqQIHHZwZ4KuxPqgDAcgDywSqBIICT9BDIqtkZ6WDrpxfojmrmnxuHt692ehzD7ceRu-YjvlSPxPlYWMBVmRdE-2-Nz7VvnqaGxtddjkYL8FW-s4Lix-9iKX2IZa_4O6FnFKGpuFBrzlwE8bBWBNQNGYGBrGrHX8GIVlb1LHW8z0CM8xyZFaCu6MvUk5TpCO1sr_4n_28GxOKLfUX8RmTuBnRfiadvWJWxzITH3DeEWO78zUJPJSWaE8VfnUYU5Lw2VK30fbcqai7gFuQUoasFXb2vyjIycSgAhkEaMLN-NYfSnVhBwckkEFfMERsZ2W3hzOxmru0QHgPTeeDKazVXvbFYZ-fz7d7o-WVKYqhXyzO24D7R1ndwAT4yoP4iQSIBfKb3IBBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8qpnNkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJqdHdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRRodHRwczovL2xlc2x1bmVzLmRlL4AKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04OTgyMTUzNzM5NTE2ODM3GAA&sigh=y6rOTUpPO18&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNhGaqVqUb-MYghhOogpFmUXSzJkrfkE3FyRzfcuyEtipg7docibM6ERf-CVY-Nh5p6XkTvDpYO0L5h-3H7WQCWGDNW2A-CxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212343433556008677704%22,%22debug_reporting%22:true,%22destination%22:%22https://leslunes.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211127331260%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217486080939820666625%22}&andc=true

Request Chain 109

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819

Request Chain 111

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 137

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148

163 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zulubet.com/ 70 KB
9 KB 551ms
26ms Document
text/html 2600:9000:2156:6e00:17:8017:6440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6e00:17:8017:6440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

516d73bcb7131e8b992cdb46f3ce8b6e18cbc617cb13d6d063006dd5352da5dd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20
cache-control: max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 19 Oct 2023 09:07:13 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
x-amz-cf-id: 0-FQq9rZTBYxD7uO8nZJdoH46TAG1tElP2XTsRlLN_xWxYqyCk8mcA==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-frame-options: DENY

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 119ms
71ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7697fa1795284477b1a6ecad67f6fcae56a66c23a6cb1ea967f9430a96d9694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51058
x-xss-protection: 0
server: cafe
etag: 10495877712430246821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:33 GMT

GET
H2 200 flag-empty.png
www.zulubet.com/flags/ 95 B
401 B 20ms
20ms Image
image/png 2600:9000:2156:6e00:17:8017:6440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zulubet.com/flags/flag-empty.png

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6e00:17:8017:6440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a07cdc724363d091108add2cae0fcea6144bf72d292ef1a8b8e09e42b61a0709

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 22:24:28 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 1507384
x-frame-options: DENY
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=7776000, public
accept-ranges: bytes
content-length: 95
x-amz-cf-id: I_Da5XUxmTCmpAbnG7ujffx4xdvcuI7Gt0Z0zfR1ZYU27Vb6pk07vQ==

GET
H2 200 z-live.gif
www.zulubet.com/images/ 559 B
867 B 21ms
20ms Image
image/gif 2600:9000:2156:6e00:17:8017:6440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zulubet.com/images/z-live.gif

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:6e00:17:8017:6440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b2f395085e824edd731fd42a9315d376cf94a79ed655ee88a9b9d74c97a3b5b0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 08:48:13 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
age: 1729160
x-frame-options: DENY
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=7776000, public
accept-ranges: bytes
content-length: 559
x-amz-cf-id: PIIfEDpIgI62oN0-SSLwE4dVF1z0VyITBkZAUpZ3DXlTlFqCq0s8Og==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
362 B 258ms
38ms Script
text/javascript 23.212.201.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.201.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-201-72.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 09:07:33 GMT
server: Oracle API Gateway
opc-request-id: /1DB7CB4EFC8F9EF176CFA0654D37758B/8BA53360706CBD8C82E678BE8DE05E15
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 92ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-20543524-1

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af72552898acd7208ab9261c2c6d2d105bfdc1d5ca7f3c50ddae431d2b2f163d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 09:07:33 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 96ms
34ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.zulubet.com
URL: https://www.zulubet.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 15:09:24 GMT
server: cloudflare
age: 21405
etag: W/"652ff524-a1eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8187df152cb10378-FRA
expires: Thu, 19 Oct 2023 15:10:48 GMT

GET
H/1.1 200
OK z-cookieconsent.js Show response
cdn.zulubet.com/cc2/ 4 KB
2 KB 311ms
22ms Script
application/javascript 108.138.7.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zulubet.com/cc2/z-cookieconsent.js

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

d0cbcdac438ad5a7f7df3bb3e7d00d8845a8dabaa37980ba37f94834d3284d42

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 02:34:59 GMT
Content-Encoding: gzip
Via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-P6
Age: 2010754
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: tYifKOTDPdPZcCbjfS1f19EsAYuWnsCgpGSCQZVWM9vo1Wj3Fb50eg==

GET
H/1.1 200
OK z-flags-sprite.png
cdn.zulubet.com/flags/ 22 KB
22 KB 305ms
25ms Image
image/png 108.138.7.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.zulubet.com/flags/z-flags-sprite.png

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

62da44bec3568be531be450582e05f697dec119a7d3ceb6ae0040e86344adca8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 23:03:06 GMT
Via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-P6
Age: 4269867
X-Frame-Options: DENY
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22521
X-Amz-Cf-Id: ckJ1tJdlMv82voAJlLPIDMB163G5yRXa-ao-uGdSdqHQG4UvE7-muA==

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ 394 KB
134 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8982153739516837&plah=www.zulubet.com&bust=31078965

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67d4fa2f6b38c509136763f3547b7f50d848f81c3ce8c20f1ad3a751745613c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136922
x-xss-protection: 0
server: cafe
etag: 4630282200460691907
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 4BE5 10 KB
5 KB 66ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Wed, 01 Nov 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KK1P5MH3YQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20543524-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91c19099e080c2ab1ff99b371116afdc6f1d3dda0eeaa125ea680d1a810a3dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 09:07:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 65ms
18ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20543524-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 07:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4560
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 19 Oct 2023 09:51:33 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 193 B
472 B 166ms
149ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=6491974&u1=18CACE53B0DD4F2D1DBBAEEE4F48AC7E&java=1&security=6134fe38&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.zulubet.com/&t=ZuluBet%20-%20Soccer%20Predictions%2C%20Football%20Tips%20for%20Today&invisible=1&sc_rum_e_s=840&sc_rum_e_e=845&sc_rum_f_s=0&sc_rum_f_e=677&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a07987493f5b2be92201c334e482cdd6a9d27983037bac3c70ac2a48b96e9702

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.zulubet.com
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 8187df168e620378-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 73ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KK1P5MH3YQ&gtm=45je3ai0&_p=281170332&cid=519388589.1697706454&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1697706453&sct=1&seg=0&dl=https%3A%2F%2Fwww.zulubet.com%2F&dt=ZuluBet%20-%20Soccer%20Predictions%2C%20Football%20Tips%20for%20Today&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KK1P5MH3YQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zulubet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 26ms
25ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=281170332&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zulubet.com%2F&ul=en-us&de=UTF-8&dt=ZuluBet%20-%20Soccer%20Predictions%2C%20Football%20Tips%20for%20Today&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2077712267&gjid=1046946769&cid=519388589.1697706454&tid=UA-20543524-1&_gid=704344941.1697706454&_r=1&gtm=457e3ai0&jsscut=1&z=1143733361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zulubet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zulubet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 86ms
27ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20543524-1&cid=519388589.1697706454&jid=2077712267&gjid=1046946769&_gid=704344941.1697706454&_u=YADAAUAAAAAAACAAI~&z=189759390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zulubet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 19 Oct 2023 09:07:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zulubet.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 91ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zulubet.com&callback=_gfp_s_&client=ca-pub-8982153739516837

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8982153739516837&plah=www.zulubet.com&bust=31078965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8eb79ebfb95ffabade7c71885bdae45b952e9ab832837fb3ebb41bd6df056594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78F9 224 KB
59 KB 481ms
480ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&adk=1812271804&adf=3025194257&lmt=1697699253&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fwww.zulubet.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453378&bpp=5&bdt=169&idt=283&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1177806398676&frm=20&pv=2&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2ab6ade9cae5c26414e78666a0949ddc645748b0b6db20e4c2f5f5967b15eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 60354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5910 140 KB
43 KB 928ms
928ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=280&slotname=7474555108&adk=2099416891&adf=1207574245&pi=t.ma~as.7474555108&w=790&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=790x280&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453383&bpp=2&bdt=173&idt=313&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kYFTk09gYG&p=https%3A//www.zulubet.com&dtd=319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

009946f841e477de16f0f5c0739c8879a5ac8647faa6223f5a050f0d1ecb1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43597
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AEE 114 KB
40 KB 722ms
722ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=280&slotname=8951288301&adk=1796454816&adf=2642671560&pi=t.ma~as.8951288301&w=790&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=790x280&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=320&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Hzu08WcGwZ&p=https%3A//www.zulubet.com&dtd=326

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

364d2c3c102a6141e06cc7e14f105591e6ee13b787c84df090a8c40719684ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40707
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0653 28 KB
11 KB 503ms
503ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97822fb89eb778082da07672d6f5bb2a5617f787b2ee54b6536a188fd870e562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11572
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/ 159 KB
54 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310180101/reactive_library_fy2021.js?bust=31078965

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e4ee580d3b85b57f2c1d323d04eb4482fd5ea5a7c3e57d3dde7ee7df5846208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55343
x-xss-protection: 0
server: cafe
etag: 16295804411356627243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD0A 624 B
246 B 63ms
61ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWEx91KVBu5WLSiQmzUlEikPMSSa5eWuK4_1OfOnLrpc9XvUXOi03YEuZgKvO_KyTNfVPEYHchF2RUetYMuZEp7YgRuafPF_iPkWusPbmCQM-BBqFW5HvHyV4vLqx1sqbZ06Rxpy6-yvXPjbirtinMR_874tUBA03fb-IuZ0jlktzcEfzg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F500 89 KB
31 KB 144ms
143ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame F500 3 KB
1 KB 115ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame F500 20 KB
9 KB 112ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F500 187 KB
59 KB 104ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F500 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbD2K2vL5S0ENWOhkLfc4jB2OoTdzQOhxRjq2NmnxfEeT6DD7ImJ7A8nTRPlo4Cu0LkHZgCIVxZNtoM1SD1HG-7SGgcyhn2jyCnD_ObcZ9HLWFtXw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F500 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4505687086479100199&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame DC73 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Wed, 01 Nov 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 2210 10 KB
4 KB 19ms
18ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Wed, 01 Nov 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FD0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

43 B
336 B

44ms
44ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWEx91KVBu5WLSiQmzUlEikPMSSa5eWuK4_1OfOnLrpc9XvUXOi03YEuZgKvO_KyTNfVPEYHchF2RUetYMuZEp7YgRuafPF_iPkWusPbmCQM-BBqFW5HvHyV4vLqx1sqbZ06Rxpy6-yvXPjbirtinMR_874tUBA03fb-IuZ0jlktzcEfzg
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BCWoQs%2FoxluiXqsuP6qSmeg6ZPV9lR%2BsqkrOhPHdVjCV2WduTVN0S%2FaVsulouWOeKfJLevmkV6Sy9mMle7tYmvcMK463aVb76Fme8mpQfJ4meM7faY8yDUnPTlc0ZjrD6oViYg5JssuKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8187df1cda19690f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD0A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDx1qfc0swVYRQAwS-eXwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

43 B
738 B

35ms
35ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWEx91KVBu5WLSiQmzUlEikPMSSa5eWuK4_1OfOnLrpc9XvUXOi03YEuZgKvO_KyTNfVPEYHchF2RUetYMuZEp7YgRuafPF_iPkWusPbmCQM-BBqFW5HvHyV4vLqx1sqbZ06Rxpy6-yvXPjbirtinMR_874tUBA03fb-IuZ0jlktzcEfzg
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJvgkJsRJYEYLU7jGMeRN0PPZqYVAy3G%2B2Kve4ik3RrGoxmQOPT98qvFgQYZ%2BEgVSTreY6Y8xRCPTDwJJWtMP1EcoKS2BGOdGiIZnxD8vbH9F%2B8SI34%2BV%2FIZ5V2XtPXA328O6d4Fequ5EA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8187df1d6e293a3e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame FD0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGD32IhTxRYJaQ4fZccwhac&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGD32IhTxRYJaQ4fZccwhac%26google_cver%3D1

43 B
893 B

35ms
35ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGD32IhTxRYJaQ4fZccwhac%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWEx91KVBu5WLSiQmzUlEikPMSSa5eWuK4_1OfOnLrpc9XvUXOi03YEuZgKvO_KyTNfVPEYHchF2RUetYMuZEp7YgRuafPF_iPkWusPbmCQM-BBqFW5HvHyV4vLqx1sqbZ06Rxpy6-yvXPjbirtinMR_874tUBA03fb-IuZ0jlktzcEfzg

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
an-x-request-uuid: 0a60b806-913c-4348-a250-d7bc40e50ade
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.20; 217.114.218.20; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
an-x-request-uuid: f4dac2e4-10db-4db4-8cda-e928e07b795e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEGD32IhTxRYJaQ4fZccwhac%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD0A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D

170 B
188 B

30ms
29ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
an-x-request-uuid: 3e6dab23-3ecb-490f-86e9-47bb3324314c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D
x-proxy-origin: 217.114.218.20; 217.114.218.20; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame DC73 4 KB
1 KB 108ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 08:20:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DC73 205 B
650 B 97ms
21ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 01:08:26 GMT
x-content-type-options: nosniff
age: 28748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 18 Oct 2024 01:08:26 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DC73 604 B
695 B 98ms
22ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 21:48:20 GMT
x-content-type-options: nosniff
age: 40754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Oct 2024 21:48:20 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame DC73 15 KB
7 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 10:38:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6575
x-xss-protection: 0
server: cafe
etag: 17858602555770451360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 10:38:56 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame DC73 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8568
x-xss-protection: 0
server: cafe
etag: 3657364187347500438
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:58:05 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B00B 624 B
245 B 76ms
64ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXqCF2guIVKZCmKomY7v9FRtLcDPiWdz4JBx1JnoGr03toyMf7veUTZ2yRiQnsDbzhdNCRx3JEOZc-NeszF5vAgP2FsrtHAYChTYPQD6kpcReC6g1rGkB9WbYcRySzSqzWnApvRCS5FDF3THSjIu1yiRVKEzRheBZZjT6cZRWzff4ZnUBc

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D025 89 KB
31 KB 88ms
79ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D025 3 KB
1 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame D025 20 KB
8 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D025 187 KB
59 KB 42ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D025 42 B
63 B 71ms
63ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaZf0O5ajcxXu1epvLdq0lBSACaUHQhx-GP1a-fMwo62VPo52PJ3g743QzaYjC7FK1k-oCwIZ1S8799Yq0ZsOUx3dZeYqCAoLskq7CCjfYka2Q0XI

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D025 0
20 B 66ms
62ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10645762170863964067&x=1&ct=77

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 15191665052080578389
tpc.googlesyndication.com/simgad/ Frame 2AEE 78 KB
79 KB 40ms
25ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15191665052080578389?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkJJJSTIPLgS7g-gvjj2EcHnewEPw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=280&slotname=8951288301&adk=1796454816&adf=2642671560&pi=t.ma~as.8951288301&w=790&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=790x280&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=320&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Hzu08WcGwZ&p=https%3A//www.zulubet.com&dtd=326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887973df5bae56efd3c902e3b297c875c8eda9696c0a997aa45c2d72c8a6a139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 13:24:51 GMT
x-content-type-options: nosniff
age: 70963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80249
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 09:50:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 13:24:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 2AEE 23 KB
9 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 14:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 14:03:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 2AEE 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 2AEE 20 KB
8 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AEE 187 KB
59 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 2AEE 35 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73e3191e8775f3d00119696caa79759b2ae87b5bf058bf6a66b626eb04580244

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14188
x-xss-protection: 0
server: cafe
etag: 9007259302920372400
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 23:20:43 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F500 0
20 B 57ms
55ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=562430780494&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F500 0
20 B 57ms
55ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=562430780494&version=m202309260101&ct=77&x=1&cor=4505687086479100400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F500 19 KB
14 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw7M9K7lxSGji2xesCbP3VoFQF0IFGix2DQrIT9lwXcyDtBmR7ZxiOxCEF0UU34iFwI9Y3-_pdr8j-1U8wJYun_vDvWFYmTRY09wzKSJYz8ct2ju85_pRSC75ONxQ2obnR-X2xP5IeWTo30AC9c0M-11WI0zMaX0ByHj6CKoCCvF5s9oY&cry=1&dbm_d=AKAmf-Dq7Uq818reHaFDo3X-d4k4qWkd0SjCqOLmcr3qXJ8qlRHtULMEseukjfzLYW-BEYDeMFtK4ojZDm-1O7DaWZS8HPNbPDm3lcQ_TaV9BNuWJShzRvIA2bf7iR4yn49Um1CCIKY-Y6CTvwwYLZf8SpcRG3-EMj7nKlkfJ1oxmHV1qT1RXAtx8zzfcV6HYe0DKyfo7DVHNS2VsfKQK-OCDCEztUgV1zLhUtcEx5KoZxRM5HgpyHXtuuxjjnHpNhxc8Hi6xisco1vBTvjHg11ZRJLTbqmNG1GFcVx3IYZrANeyPft8mLkC3IRr0KmbTRUIrWQeRtWNF1ICgOb3klfJv46sxOKEN9K5CiRPSk5n5wP9h2-8zg_dpPFC3nGLBeUaac1wqZRWTWYtNuWU1Mc3i1JX0LU4gcrdDPTBmq1pa8Zujbd2laXOeykxfSMyq92aYgTy0akWxXIKeP0LzaK0UCQNbT1MGO1ggbOKaGJuEXSVijFviaVwN2EsjD_uuGwr1RR0Ip0h1YIKakzjW-k-aMCwKLnc8f6RjewxbGdi-eWrmwbyECgRcrhw9ynOQ25-A1aqgmG-LAuOg7MVtmht1nrmqzbWtHE8xajCm1zo6_HogFEJvLcgZ22giAm_vlFjhZ0SU4U8xKCl2P7Dt19HY5k-XugFN9LLPUo8aOhbXU8V8CaGQig95vUAH2Ou0_ItIAs7XKl8GETKpvD0h6Q1T_xikebZHuGWz48tdtCDYqKVi9jChCt9pC5DRXubbnN6RaCGbNKDVajJjmjkuS3-s41GjbkJ5cwDqap-vfNXvBqsRXh1WF7vcNX434QQp9pZz0ejR9mT5_sWMxCvnspHtAg-mUSWO-5WceW-dQetVSgGhg_zHPkXLr1_sY1w4AJWiGwmCBGH9DuTrkcrzbGOedgWFXM0WK-7NZjh1SaGiXlcJEjjnVF9X9mOGMYXj9a__L3b_umL2HvJtA1YeLMa3xaSVYQyYyT6wwrA4-eVBCe9Rje3Oh3ZKNxfwwCnxGY9PNNvJrx6aaPQ8umh_ggbOwgXE3RTF-qR3il-S6TviAfKVDjd2Cpp4yroCRqiysvrqHXROaLoi_FatZ1ki8KfTa6cUU2mtbEOGI8qfCUDdzGcuB8XuOrmtS5Ffr3eYOWQosOvFYa0m92XEZjBDUtb6AqF4fHoJOWBNse-XEQPZGenOVxu1X3L3jCfkzC6b8wOlOE4QiMttdkUXAbZSO7ljyM032cYuvdsWXH_A_wBaMOT1wiy3XBPkrrFqvGyE0QvY1zjWt92dafxsmGvyHsQdmlHp15aiUDCrRx3Ssn4-fVH3YMrn6KzUN87WXagmrP7aIyir4lTTfuXAed6d2Mw2r1OmWXAmMUBOgA2xU1qr7xUwsXKhDdclW1hL0A6vxbRtMgm5WGMH1DneroGyTDmcB-BuUrVNtVSVBVj96cbBbDP2iJ_DfoZe4NJxnXSkiE0ognHe5zPeegnMgxcq4mOhGKffB8MDHEoC2NlM1msR7d5pUPl8baOOhQAzxs48CKWn4TycqcWCiTP4FRR5VQIM38JnA84F0AzgpSUn-5MSTcfPlN42oU7dcyNZ6msnjd86AYz-pUl0_GCnLzCiPhahuXEVUKA54i6uPGDWT4_TWKWdHIvHKVRHR29vzKIYUmlwZZCZRUthicHU-jOFPDt-vXd4klaeZfEMJZkWZbTn-HVajZWX0M4OStqIs7LqgObhnznQ6IJUij0fFBOrNkF1FexOezJ4DpKeZYfnfAiDNnYXRrlGv_kLVa2yDkNlfmKTDFCQ5Vpwc2qsrVlRxJ9Qr0tL7wMEX32CqDUaCTm3ssAUhVPt7_Stfk4Z58GZQH_xnT5Vuo8F1Qt6mpMg352jWtD56JmUxcM7NOUbhbqFLxNWDqVf9Lp8S34Z3BTCxO1qGEkjYWZdiNorbug2BewRAH191hmCdBD_NC22UpkstB1sWsPmRsLSNHfIX3uENwhoDMkknBd-IvtmxJLhDewljZ6QvL8oVSgrHpnAyTwlMPTeMyRVwcDjUnGeaHGWNfCj1t5vT3dqr13wRjKUuFDlKihSgniNBxHPi49IZlPSIRaoVGyvK8W_i7IlXzSWH0Lm8yuZY03s6niXHTcMh647SMfqgQtaQOF0-VFGUTZNETgOUegPuVlX9rvAkbihdLOteJQp7w3lRhbC7M5XLPfcDwkWtPuQS91ci0UdwWrJq_DxnxcyJxV-jEgWiJDGzy3A9wHqocIKnucp2RVqdo3C_HxfeYFGGJBMjFWwWVbTN_LJd1ue2-8EJmBJiJiKtTAH3zNgoDpv3GDiKY68bUhOGWm9yGvAg0MzNMBdAg3qnxGNsjRcPSZtKlZ-megbFcNdtszVUd7TRVFAJqdDnmA6kEnFH1_DQONT6s9PedYGPx1akZZOW2Lt9fKmo2NNMZQfqeeAk6vxFHgcRTxKdDCG6_GsuQ4s2HsDq49eMhAdZXVRPykVCX-eu_m7KRL4e84FPy--ZtrjmeZh8GAT943Bg4UA9_gBZKW9ppihwAScU-B1ct3kgK6vCDUPjzBn9U_f62m8i-UwbCb_lH6qD5cgPxrR20mHidH3LWGElECraBodGY101nGItSA3RywzbugbndkQ_cGj53YnNEXAA0RASzmwKF-Vp4wpREjmUD0apoZYwx7RLs6n3zxSI25IoczYkLUC8IkHHraLXLEDw6VLbpPduoreVVQNCIrnt3rlQKZzoxVtMGMfyszFwK_UKT8ryMZ3qkM5SaPs4kBQ1ExliRv5H9URp2NhLHDsO_nYaZ5a1Zb6nzv4eA2i2eSTGLAD5vSLHseKwQqXzs_5hRYaPBgCs_uk79XFIl0-92eaFESWJWBIXkImYSRzMfpiFTENGMkpkDH0tXBY6h_W5Qx1nQT1GWRkYIHkEQ2fEDtZOjocTxHOIfo0YHbFMtBfS4gW_TTntGsAe5_amAPJb9U7cHams80jp74iEU8DDFPzaIjzKcsiN9zs-gmh_abLXwZVmeHxo_Rs8XvrXVTkJjFYaGRvxRde0QpqhdK0KXzUq1x5saNjEMBO2-8C--qXDryoOsVvjMeX9pMQNEW1-nW55eLfW02CHx8vMVylenk9CBlhc2Jzs-Y2ERRgJc7laJVYj6I23rUx3al42_5faJJTWq0Alv7Skfr3hSySUyNUG3lHvWyXmnzhitMSf6nu055f1Yu9xbtNtWcCSjRMc3iMqx-z8aXiMEmkI0blUze45blNrWePrUT--P7y0CsCzLcdIY6DcYyKG4-Cl_6-Q8PLcvWdIv2CWr5CkK_iMklMmUysb0FevbX-WByYLTtZzIgRYWwOgWz25bexKf2JdHfg6r0Ozl1C0H4Y-fHDAFCh7c5R_c2LZ79cvTpu3lnUUiTL2xvJ8mtkCE0wDk3OFRG-XNN1-UfeIvW1OAR6NgRMrJSbsMeODPajm6xKZY8TvBNj5rKZ8lym1jVGBhc3fpEUt0ApcxqOso_da3D0jRCVlHzG9MPqoJBJe9La0FxzDiW71S-Z3dPYwK-rHyna5dQa_HL-w034MjJQhPRi4e2Ogjzi6MrBakxodisuO0DoAv6dVBs6G7uXH_PChraOCxkNYrXUl9oinahzX3NNTSOpz4XYGwoKCMP_3ETe10bK28oxxn-U2rbDxUrSZBfMXor0yTJMUHtJcm3J9xm1PcFR-1aBQWJAxxTRf9M4QuCXKG6D3IdvQwBD0o7rzvgf4xdztzUldkFTXsANykqyxttJURNBQ0yh1-z8XV-4yEES81FQSaAM6qBPn_Y9Itp5-5Fi3KBIYD3PV1BQT4FoNOhCd-Xm9loaYvZjWt8YTAtq8XugCXsEgh4QsfRLSvnzPQBFsbM7w92heph0ZioXHhDUQypmXYhi-uM8TV_7VO7kwlc90dCXSY_ruDREOyvsP0Vq6bZsAm3ZQ&cid=CAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zulubet.com%2F&ds=l&xdt=1&iif=1&cor=4505687086479100400&adk=1761367587&idt=150&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72c86c40840b984e8df9f1d45157af2e7fe84c93abe7ea61fcd939383bebf1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13843
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0290 143 B
166 B 24ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=280&slotname=8951288301&adk=1796454816&adf=2642671560&pi=t.ma~as.8951288301&w=790&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=790x280&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=320&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Hzu08WcGwZ&p=https%3A//www.zulubet.com&dtd=326
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 08:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 8BF4 14 KB
1 KB 35ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 08:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 8BF4 2 KB
892 B 18ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:52:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 8BF4 23 KB
9 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 14:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 14:03:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB33 143 B
166 B 23ms
21ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 08:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 8BF4 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 8BF4 20 KB
8 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BF4 187 KB
59 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 8BF4 35 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B00B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

43 B
735 B

39ms
38ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXqCF2guIVKZCmKomY7v9FRtLcDPiWdz4JBx1JnoGr03toyMf7veUTZ2yRiQnsDbzhdNCRx3JEOZc-NeszF5vAgP2FsrtHAYChTYPQD6kpcReC6g1rGkB9WbYcRySzSqzWnApvRCS5FDF3THSjIu1yiRVKEzRheBZZjT6cZRWzff4ZnUBc
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WZt24oLZ5gvLea%2B6zKY4rP2CMS5Fnbvtr7YakcpDKBupE3NURgkWB9CeTwUfY6EximWZHl%2FOSfUBhpSL3xOTJCGehzJY6KaaXqQpfaamxo2wKDETeBFCDbT8%2F7lT%2Fvz2bDMPJteZNHezw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8187df1d6e2a3a3e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B00B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDx1qfc0swVYRQAwS-eXwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1

43 B
819 B

37ms
37ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXqCF2guIVKZCmKomY7v9FRtLcDPiWdz4JBx1JnoGr03toyMf7veUTZ2yRiQnsDbzhdNCRx3JEOZc-NeszF5vAgP2FsrtHAYChTYPQD6kpcReC6g1rGkB9WbYcRySzSqzWnApvRCS5FDF3THSjIu1yiRVKEzRheBZZjT6cZRWzff4ZnUBc
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upftlgd0RsWjWsDu7DP5V9okJwcPswc9mvgcdG3BnOOyidqeHtPszkBxrlrcHJPZ2TadKN9s95KaHh5oLfTJQ1Dqwyqy4qvHdaTF25YJBsMpxHF6FGWhJm5wchlCzg4W3pfAwTWnTxvlAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8187df1e1ef63a3e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHslBkMwji6CKfrLwO5C6aU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B00B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGD32IhTxRYJaQ4fZccwhac&google_cver=1

43 B
842 B

41ms
40ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGD32IhTxRYJaQ4fZccwhac&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXqCF2guIVKZCmKomY7v9FRtLcDPiWdz4JBx1JnoGr03toyMf7veUTZ2yRiQnsDbzhdNCRx3JEOZc-NeszF5vAgP2FsrtHAYChTYPQD6kpcReC6g1rGkB9WbYcRySzSqzWnApvRCS5FDF3THSjIu1yiRVKEzRheBZZjT6cZRWzff4ZnUBc

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
an-x-request-uuid: e9ab05b4-6d4c-4342-a3e0-2a777efff17c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.20; 217.114.218.20; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGD32IhTxRYJaQ4fZccwhac&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B00B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
an-x-request-uuid: e6bb5c5b-2719-4755-aa2c-04c7d00a3d17
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM1Mzc5MzkzNTYyMzA5NTQ2MA%3D%3D
x-proxy-origin: 217.114.218.20; 217.114.218.20; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2AEE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec96718e2907a7f6d12b7e8f3d9228e0436145a5be898700d817fb152f96d6ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F500 41 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bw7M9K7lxSGji2xesCbP3VoFQF0IFGix2DQrIT9lwXcyDtBmR7ZxiOxCEF0UU34iFwI9Y3-_pdr8j-1U8wJYun_vDvWFYmTRY09wzKSJYz8ct2ju85_pRSC75ONxQ2obnR-X2xP5IeWTo30AC9c0M-11WI0zMaX0ByHj6CKoCCvF5s9oY&cry=1&dbm_d=AKAmf-Dq7Uq818reHaFDo3X-d4k4qWkd0SjCqOLmcr3qXJ8qlRHtULMEseukjfzLYW-BEYDeMFtK4ojZDm-1O7DaWZS8HPNbPDm3lcQ_TaV9BNuWJShzRvIA2bf7iR4yn49Um1CCIKY-Y6CTvwwYLZf8SpcRG3-EMj7nKlkfJ1oxmHV1qT1RXAtx8zzfcV6HYe0DKyfo7DVHNS2VsfKQK-OCDCEztUgV1zLhUtcEx5KoZxRM5HgpyHXtuuxjjnHpNhxc8Hi6xisco1vBTvjHg11ZRJLTbqmNG1GFcVx3IYZrANeyPft8mLkC3IRr0KmbTRUIrWQeRtWNF1ICgOb3klfJv46sxOKEN9K5CiRPSk5n5wP9h2-8zg_dpPFC3nGLBeUaac1wqZRWTWYtNuWU1Mc3i1JX0LU4gcrdDPTBmq1pa8Zujbd2laXOeykxfSMyq92aYgTy0akWxXIKeP0LzaK0UCQNbT1MGO1ggbOKaGJuEXSVijFviaVwN2EsjD_uuGwr1RR0Ip0h1YIKakzjW-k-aMCwKLnc8f6RjewxbGdi-eWrmwbyECgRcrhw9ynOQ25-A1aqgmG-LAuOg7MVtmht1nrmqzbWtHE8xajCm1zo6_HogFEJvLcgZ22giAm_vlFjhZ0SU4U8xKCl2P7Dt19HY5k-XugFN9LLPUo8aOhbXU8V8CaGQig95vUAH2Ou0_ItIAs7XKl8GETKpvD0h6Q1T_xikebZHuGWz48tdtCDYqKVi9jChCt9pC5DRXubbnN6RaCGbNKDVajJjmjkuS3-s41GjbkJ5cwDqap-vfNXvBqsRXh1WF7vcNX434QQp9pZz0ejR9mT5_sWMxCvnspHtAg-mUSWO-5WceW-dQetVSgGhg_zHPkXLr1_sY1w4AJWiGwmCBGH9DuTrkcrzbGOedgWFXM0WK-7NZjh1SaGiXlcJEjjnVF9X9mOGMYXj9a__L3b_umL2HvJtA1YeLMa3xaSVYQyYyT6wwrA4-eVBCe9Rje3Oh3ZKNxfwwCnxGY9PNNvJrx6aaPQ8umh_ggbOwgXE3RTF-qR3il-S6TviAfKVDjd2Cpp4yroCRqiysvrqHXROaLoi_FatZ1ki8KfTa6cUU2mtbEOGI8qfCUDdzGcuB8XuOrmtS5Ffr3eYOWQosOvFYa0m92XEZjBDUtb6AqF4fHoJOWBNse-XEQPZGenOVxu1X3L3jCfkzC6b8wOlOE4QiMttdkUXAbZSO7ljyM032cYuvdsWXH_A_wBaMOT1wiy3XBPkrrFqvGyE0QvY1zjWt92dafxsmGvyHsQdmlHp15aiUDCrRx3Ssn4-fVH3YMrn6KzUN87WXagmrP7aIyir4lTTfuXAed6d2Mw2r1OmWXAmMUBOgA2xU1qr7xUwsXKhDdclW1hL0A6vxbRtMgm5WGMH1DneroGyTDmcB-BuUrVNtVSVBVj96cbBbDP2iJ_DfoZe4NJxnXSkiE0ognHe5zPeegnMgxcq4mOhGKffB8MDHEoC2NlM1msR7d5pUPl8baOOhQAzxs48CKWn4TycqcWCiTP4FRR5VQIM38JnA84F0AzgpSUn-5MSTcfPlN42oU7dcyNZ6msnjd86AYz-pUl0_GCnLzCiPhahuXEVUKA54i6uPGDWT4_TWKWdHIvHKVRHR29vzKIYUmlwZZCZRUthicHU-jOFPDt-vXd4klaeZfEMJZkWZbTn-HVajZWX0M4OStqIs7LqgObhnznQ6IJUij0fFBOrNkF1FexOezJ4DpKeZYfnfAiDNnYXRrlGv_kLVa2yDkNlfmKTDFCQ5Vpwc2qsrVlRxJ9Qr0tL7wMEX32CqDUaCTm3ssAUhVPt7_Stfk4Z58GZQH_xnT5Vuo8F1Qt6mpMg352jWtD56JmUxcM7NOUbhbqFLxNWDqVf9Lp8S34Z3BTCxO1qGEkjYWZdiNorbug2BewRAH191hmCdBD_NC22UpkstB1sWsPmRsLSNHfIX3uENwhoDMkknBd-IvtmxJLhDewljZ6QvL8oVSgrHpnAyTwlMPTeMyRVwcDjUnGeaHGWNfCj1t5vT3dqr13wRjKUuFDlKihSgniNBxHPi49IZlPSIRaoVGyvK8W_i7IlXzSWH0Lm8yuZY03s6niXHTcMh647SMfqgQtaQOF0-VFGUTZNETgOUegPuVlX9rvAkbihdLOteJQp7w3lRhbC7M5XLPfcDwkWtPuQS91ci0UdwWrJq_DxnxcyJxV-jEgWiJDGzy3A9wHqocIKnucp2RVqdo3C_HxfeYFGGJBMjFWwWVbTN_LJd1ue2-8EJmBJiJiKtTAH3zNgoDpv3GDiKY68bUhOGWm9yGvAg0MzNMBdAg3qnxGNsjRcPSZtKlZ-megbFcNdtszVUd7TRVFAJqdDnmA6kEnFH1_DQONT6s9PedYGPx1akZZOW2Lt9fKmo2NNMZQfqeeAk6vxFHgcRTxKdDCG6_GsuQ4s2HsDq49eMhAdZXVRPykVCX-eu_m7KRL4e84FPy--ZtrjmeZh8GAT943Bg4UA9_gBZKW9ppihwAScU-B1ct3kgK6vCDUPjzBn9U_f62m8i-UwbCb_lH6qD5cgPxrR20mHidH3LWGElECraBodGY101nGItSA3RywzbugbndkQ_cGj53YnNEXAA0RASzmwKF-Vp4wpREjmUD0apoZYwx7RLs6n3zxSI25IoczYkLUC8IkHHraLXLEDw6VLbpPduoreVVQNCIrnt3rlQKZzoxVtMGMfyszFwK_UKT8ryMZ3qkM5SaPs4kBQ1ExliRv5H9URp2NhLHDsO_nYaZ5a1Zb6nzv4eA2i2eSTGLAD5vSLHseKwQqXzs_5hRYaPBgCs_uk79XFIl0-92eaFESWJWBIXkImYSRzMfpiFTENGMkpkDH0tXBY6h_W5Qx1nQT1GWRkYIHkEQ2fEDtZOjocTxHOIfo0YHbFMtBfS4gW_TTntGsAe5_amAPJb9U7cHams80jp74iEU8DDFPzaIjzKcsiN9zs-gmh_abLXwZVmeHxo_Rs8XvrXVTkJjFYaGRvxRde0QpqhdK0KXzUq1x5saNjEMBO2-8C--qXDryoOsVvjMeX9pMQNEW1-nW55eLfW02CHx8vMVylenk9CBlhc2Jzs-Y2ERRgJc7laJVYj6I23rUx3al42_5faJJTWq0Alv7Skfr3hSySUyNUG3lHvWyXmnzhitMSf6nu055f1Yu9xbtNtWcCSjRMc3iMqx-z8aXiMEmkI0blUze45blNrWePrUT--P7y0CsCzLcdIY6DcYyKG4-Cl_6-Q8PLcvWdIv2CWr5CkK_iMklMmUysb0FevbX-WByYLTtZzIgRYWwOgWz25bexKf2JdHfg6r0Ozl1C0H4Y-fHDAFCh7c5R_c2LZ79cvTpu3lnUUiTL2xvJ8mtkCE0wDk3OFRG-XNN1-UfeIvW1OAR6NgRMrJSbsMeODPajm6xKZY8TvBNj5rKZ8lym1jVGBhc3fpEUt0ApcxqOso_da3D0jRCVlHzG9MPqoJBJe9La0FxzDiW71S-Z3dPYwK-rHyna5dQa_HL-w034MjJQhPRi4e2Ogjzi6MrBakxodisuO0DoAv6dVBs6G7uXH_PChraOCxkNYrXUl9oinahzX3NNTSOpz4XYGwoKCMP_3ETe10bK28oxxn-U2rbDxUrSZBfMXor0yTJMUHtJcm3J9xm1PcFR-1aBQWJAxxTRf9M4QuCXKG6D3IdvQwBD0o7rzvgf4xdztzUldkFTXsANykqyxttJURNBQ0yh1-z8XV-4yEES81FQSaAM6qBPn_Y9Itp5-5Fi3KBIYD3PV1BQT4FoNOhCd-Xm9loaYvZjWt8YTAtq8XugCXsEgh4QsfRLSvnzPQBFsbM7w92heph0ZioXHhDUQypmXYhi-uM8TV_7VO7kwlc90dCXSY_ruDREOyvsP0Vq6bZsAm3ZQ&cid=CAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zulubet.com%2F&ds=l&xdt=1&iif=1&cor=4505687086479100400&adk=1761367587&idt=150&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 16:21:57 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5NzcwNjQ1NDUxNjcwNAogIHNlcnZlcl9pcDogMTM5NzkzNjYwCiAgcHJvY2Vzc19pZDogMjY1MTcyMzc5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame F500 0
851 B 122ms
56ms Image
image/png 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTY5NzcwNjQ1NDUxNjcwNAogIHNlcnZlcl9pcDogMTM5NzkzNjYwCiAgcHJvY2Vzc19pZDogMjY1MTcyMzc5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vc29iZXJiZXJsaW4uY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDc4NjM1MjU3MzIwNzUzNzE3MjUKZGVidWdfa2V5OiA0MzkwOTkwMTcxOTc5NzMzNDYwCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMC0xOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1NDM3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY3ODcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9zb2JlcmJlcmxpbi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x80f2d4a0c8c8180000000000000000","3":"0xad4de8da63d11a9d0000000000000000","4":"0xe56937d329686530000000000000000","5":"0x5e350041687312950000000000000000"},"debug_key":"4390990171979733460","debug_reporting":true,"destination":"https://soberberlin.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"7863525732075371725"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 33lgkyejwpt3 Show response
hal9000.redintelligence.net/zone/ Frame F500 12 KB
4 KB 88ms
32ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1697706453816085&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7cdc6517c2c65f2a3abdd9c7508600086b66db6aa6591827337af9d19ec2e0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4237
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D025 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4320840604477&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D025 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4320840604477&version=m202309260101&ct=77&x=1&cor=10645762170863964000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D025 16 KB
12 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmqBwYOM_EZkIC4cmouUIV02FfDrUWH2MZ-tvlUsfqq9jWQ67BMTEDwEkWm0MAAVrXubXTDLKxBRL7LFua14uacH4VLp1xQA1sZ153RP5WPrxrJaqA8Dp9aKmorCblvdhMv7S66jwk-mGnA-cipz_Sh7_q1MU5pHxOYdTs9HvKWAT2wd8&cry=1&dbm_d=AKAmf-DkJJB08WTgwJEcstVrsMs9VmxXdWpor4k9CqzNFS6ZHTbIiE0mAq7oQOzhf0-JBY84yZVu6ek9Vp9HcqaT4YvwrYj9BR9tPP558eVof6Wevcss-db-o8HZKv7XpYKOO73Npa0GwkJVG3GzWUGDRdDmJPcCvWt5bBrnEz3kqIcDGvaIaNpZ7vNEFVW5kS_C74NyBBHFJ5vKWwRDTqP9_a-xPxKRgxa_Rsskogp-KtWQSRHCokUfTiB8yBcQJREE4dDRSB5u5yMUgX7lty7tnCX4ys0LFfBd3pi0xeExi60kNUQc6ZbSseGvQRn88UClCJa_lr6I48bKI7k5BRI_JLzaHEJfn3LHykzZnct1ewMdaiAwwz_im6RCBNDgE_WktHYlMhEzUFzY3imP7ZJrN3GgMJFr-K4mZNEP6AJX5bWhZmXBixnkFlCsSSaA7_L-nLBZ8uoLuW4gkZK44RK8wLkkxCc01X-yp7JFPLeu2eaYqc5ltWg6GoglaSSe5s7iv6VxdtJqSpP-VSz_wdv8r1O4E__C1UXK71-1W6VdJvpUh-PCB_yz2-_6JQci7_FcUPML_I7M2m21mKaWif3PgF1miea5s6x76MGobWSRXJaeesDpmun_FBlPo70NSIQhyMgLiIS-3IHTsViqDfwE-wUIe30Iyv7b8ZiLUW0AJ_Q3cCMLSqMe4EWKOR11pmkBY00bNpHDRqHUHnuBMA23uryCOi0EjE4iGTCwuZF08Vd8LogrusjLRGTvF3jxvp1bKmAGQVt4Kjhv051-48NQ8l_cY-R_tuUXSypzRXdZSuENOUw1q3OAaP_Na5O7t7G4oNurJYqG7AWgLaYcop1Yyqljsgl3sS1YhnZutWoaBdmzKUZynbIc-jYCW3_M7ttONWL5YvHntiWrm25v8r9CWzl6Juvk0Tk_2ohovRguJVT9hImONpRmcaF89cDzXSNfXo8D2KhBAK3FGWopp8NzDZOKXqj8OqSUquYc9tomFMpZmIeualVG4nKPd1IZqNEfrUOHxDWzZ0Lbzz-qKYErzipXF9BBcOeg__xuj3-PhEUFTfnNyMumg1YbWXMI4WSy4er5dVqgYlAzY-LsTLvIeV_pplq_SkdNJ1ZL3e1NotePfag2xXr6WZOQYIHOH1q0sTbTQw6YBnx7V3kdNM0M90QPoPLM8rV9lia3KShpx4CF5bqtLzi41j1G3-LH3OKoPo3WycH-VkskF_CigJSsB674UdojzpREftYJTzLwgugEL-Pj4rCHkexCaGdY2qadQ3pTyGaAUXIPhyyNqxcGXGUfxrJ3Rw6ZJeeab3CJAA2heGbXeGKNS0q0MecfVi4FaHKF5jtCwbp_cAXBT2vD3SzPh_IqmaVim5dEiI5exuQHX6OFbQuPlt7HcGk4j6pIfEzh6B1Ij1SdRMW9N9hzXvc0aZkVfiR5JxU65IP_r-WTemCO44HoagOd-iuCtD17uHZ_pfaUgFhKnUM573V9gXnf-ReszPugxikdzl6xJznsCMxWZT23EC3URTEh0LN1fBbOaxHs7Zp-v96-jTAJuwb9uqObTW_8N7-ttpK1ROyIVa2g4YEC6AyqJtR7DpU-u_antWsqsC5BzUingmW9jbeugwaIbuOUJWVTKldBCthKc0fb19JB9OvONJ5kxykyL4Q8X5bXlny6MWk4UurFxqrLKRxg5ubMXwgkxpzrHSjzK9wn9oxrl7FrS97weYILVTDbTPO3x03qmlRXrdEtqn2VwgnosBR50mQ3AQKOmkFS99IjmxcIKwfUMcmJJqoY5U-mt1bvxYxTkONoD3rD2OsZvivNfTw8s81rUV8_fXZ2dACJR8hsk2TfXCrd5L5i-TlSnE6rlBvfvaeqmdkGvFRpFdcq0khFkYxIlORw_-Lz683sYZtEidbXSKclTKpoLyMASjq_y43aiYy55sd043QpAHA-0zgIWs3MoNKd-tuqvy7HdUJjjRkLpwiifNkovdM7jfKAoJxu4JV4EJGw6vNChdBcNobT74zP01rOJYfPQJ8cFkXPpUsKbVHG1UmEdPRJ6WFA4uNls15E-s1D4Tm7gbEYibJUOkJV7F8Zk3swS1-3UUX7B5woIE5ZkEKQPeHeX8Z_tGhYYkSriyq_qDextHBgMe7wbQBplYVmB_LYkl5T9FxyOQ6tgWDDs7Hp-xt2YylWEmBEES0uwBC-ohV_4LVPyp-BYDUPsCH-lSn2uoG7RsK8PqcjfGTxBr4JqwehNGVkPYsa5Z_XCFXneMT053QoG5ZQh7Y5_V3k5S4QfaB4Lg25-4h0tYxhmmptX9Yy1R8alxjT5PqJxceZSFhp5DeWJHyzQLSVCUkrCzDHew0nD0z6eZ5Pqx-xSUIgegoydXN9wGFlzUOC0xQVTpdsuM_5MYomX09U5qE3Bg6XZ8bp1UFla7hIMF0yN2e3uBC5CtJpeZxEQJ7AbrItK6oralwgaifA-4wdkIExTli2V5VAQUGxqOnp69zYJlwSgtJPJEFJHwW3tOLLpjlPpB7KHaGUHhUXdbOFxKCKsgdMIUWosxOyif15HeEKO1SpfLiTz-AwREdlMEhfcnU__5SXb2bqZeVeGIyATerlZk7hrcBpzexdgljH1Li_kF4GKQhhi1ZciJn4CLQkNW5hzRZFUr-8_ob2w228HusJ6XNyJ6QHdlnpLKWa-eYQSa1fVKm48U3TL44NIZ7gPfUI3Su9qow7bm3PjWghO484xcEexe7QqfoGp81nvmX1kepQ-pcN6Mcg6k5Ye09NQfFKv2DYg94K_LFBEUii8a7TipCiPS-46CxYf1JcjyK11m6uUP450OgfwCngmrUjeoU9Kv8a2gpIcuZNVOog55Ch0YyuNmaHlYKgaLyy0CbEpE-6Jxr3E09RtounAswhosZepkuiG4glYOM7xsARMWYlIx1yNe9NNQXw1NZdqu_iorFLbGSx1Y3btlcyxUDyLr7ClI7MhMLRBNeh6F7Uj-rhMWSKObZJ_xDrszqLBuIOsl947qWe5bALW4kWD6Yik9OptHhbYWqH-LZ0MICiSmK5QeY8-wr_WM62CAnBeSbd-SGFMiab6DNYu2dKoH3Xa1gy8jC8pm-8fxTOzW_g4xyJbZuURct4sGh5j3Y1kChrmGJ8Wzzp-5vC4QXJfOBTactxdxTOZOT275CDyMdlkfW5myziNPUqOBI69SM63Y52DggrS7a8UJD1RZQ9OeUP-47kWKu59D7zxRJF-t8S4fs2hZoZ6xOBNI9c2__fyJLHTjO59ytPPt3pzBvbOH89LfPh25gCnAKVSt4qgDHifFCq8xQEFKpNphwGLTn_I5in4ZorhxTQaLZ75DpwfgGCVPU_N2H1EY_BlWT2kpKxZNPXBh1jXx54-EoeXTD4Xld5RsJCfMo2c8AhGpl8_XPOEYZjaMKEed5LgDlpX1IIfPF6-tC5RL-mvxLxrzqowU793AoGXpwh8kg1o5oDQwsYhpKZ3tS5wabV7wf33eignUOT6nzyZDBEidzljh_ZC7clLzbM8H57cZMiKfhbhwDC9A19ADJZo020zNwgWCKEG2Jju1PPqhyVX6lJ9xt0o3r9-99Co7a_sPCHpJYixbMTyk0V394_GAMcgA-T42hCah0dmbBnohAnouRHjx3dWbb1XzLt6arbVSLbtOz5g5SnLTJP86XzFDVKw3gOZbcFNnEUZ0uzuupIQ_f-nsbrRipYsSlEtec_UlbTlGyHuRfFoz1NytBXLHwy-NwatRLrlQtKcr21CXjdOw-FvNsNFlOnVXbIR9L3LUe59pyqJFaxire07r0ZbeoI7e2skJNYpsZPhAwEZevm06uCvkywQWdB2QfS0NqOhzhEkKl-vlz0GwAO5w83gehJGKVh-AZ2FHj7O8zd6rU-sn1a1RpylA5TVI4a37Nvq3JR&cid=CAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zulubet.com%2F&ds=l&xdt=1&iif=1&cor=10645762170863964000&adk=521587874&idt=127&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a5fe37663c7ec74b80ba81f3c79ddb3d1830181e97f9b394c01f940d3ff2958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12338
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2AEE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmope1fEwZcuSLv2M-cAP38mIgAaNxdbVc9b28bz_Efnc7cXaQBABIJvF0QlglYKAgLAHoAGDwK6VAsgBAqgDAcgDyQSqBPgBT9De7ydh11gEtNsYI_pgs3zSQcTo6ejUKi0Mw03SpOnPTeH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215185676101211556728%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%...

0
0

94ms
53ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215185676101211556728%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581672963%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217881773035992943761%22}&andc=true

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15185676101211556728","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581672963"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"17881773035992943761"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Oct 2023 09:07:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Oct 2023 09:07:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15185676101211556728","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581672963"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"17881773035992943761"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5910 2 KB
892 B 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=280&slotname=7474555108&adk=2099416891&adf=1207574245&pi=t.ma~as.7474555108&w=790&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=790x280&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453383&bpp=2&bdt=173&idt=313&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=kYFTk09gYG&p=https%3A//www.zulubet.com&dtd=319

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:52:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 5910 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 14:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 14:03:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5910 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5910 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 16:21:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5910 187 KB
59 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 09:07:34 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 5910 35 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0290
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 117ms
54ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 Oct 2023 09:07:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 5910 24 KB
25 KB 102ms
20ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTT8ovlaKfJF1H8K6nV_faC1yKkoFz5d5XiOhAdGYMz0T72COURzIBcPN-2Us4&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ff07a9c9090794341fe97d494426a8b06472f64f52b8aac507132bb92d5d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:02:09 GMT
x-content-type-options: nosniff
age: 565525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24749
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 03:46:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 11 Oct 2024 20:02:09 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 5910 25 KB
25 KB 119ms
38ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQTgtRI2I0Jqym7vwmabZx55Nc-uLUu5n1vR1MzF0d-mpHtE2_2pnV-0MBmqg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7249c6d06141077a64d7270cd095bd6f3bf5196eb4939bb252827309003d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:35:28 GMT
x-content-type-options: nosniff
age: 412326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25651
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 02:33:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 13 Oct 2024 14:35:28 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5910 10 KB
10 KB 99ms
40ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQmnJJanRiz5Tx1rFpXlszTWuMJTPP7OaXxWEf1_mnz85DexNyGp1LkBbXCkg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9e14f2871c4fd7651fea58568d351022005c31f01a69ad2e3536b1184f33804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 12:36:30 GMT
x-content-type-options: nosniff
age: 592264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10423
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 00:14:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 11 Oct 2024 12:36:30 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5910 25 KB
26 KB 79ms
21ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSpBFYaj8a4vxICddi7Oj_b0BZAaJfPlFsZO0PKIJ4panL9w69fw2GU9HNYrQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d543d8a4f078929ac02cef84ee84622eb87e9951121c69f5bbce7c1057c68fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 14:09:58 GMT
x-content-type-options: nosniff
age: 241056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25960
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 03:27:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 15 Oct 2024 14:09:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 5910 44 KB
45 KB 78ms
19ms Image
image/png 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTnWtgur2jrgVWMpR81bfoyEym3PJOGSETcFhf7AfsvvvhMVB7E&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd638405d0d55950ef600f4ec344840851c4077b93e50d09ee28bb6a6d0ebdcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:43:18 GMT
x-content-type-options: nosniff
age: 141856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45337
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 21:24:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 16 Oct 2024 17:43:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D025 41 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmqBwYOM_EZkIC4cmouUIV02FfDrUWH2MZ-tvlUsfqq9jWQ67BMTEDwEkWm0MAAVrXubXTDLKxBRL7LFua14uacH4VLp1xQA1sZ153RP5WPrxrJaqA8Dp9aKmorCblvdhMv7S66jwk-mGnA-cipz_Sh7_q1MU5pHxOYdTs9HvKWAT2wd8&cry=1&dbm_d=AKAmf-DkJJB08WTgwJEcstVrsMs9VmxXdWpor4k9CqzNFS6ZHTbIiE0mAq7oQOzhf0-JBY84yZVu6ek9Vp9HcqaT4YvwrYj9BR9tPP558eVof6Wevcss-db-o8HZKv7XpYKOO73Npa0GwkJVG3GzWUGDRdDmJPcCvWt5bBrnEz3kqIcDGvaIaNpZ7vNEFVW5kS_C74NyBBHFJ5vKWwRDTqP9_a-xPxKRgxa_Rsskogp-KtWQSRHCokUfTiB8yBcQJREE4dDRSB5u5yMUgX7lty7tnCX4ys0LFfBd3pi0xeExi60kNUQc6ZbSseGvQRn88UClCJa_lr6I48bKI7k5BRI_JLzaHEJfn3LHykzZnct1ewMdaiAwwz_im6RCBNDgE_WktHYlMhEzUFzY3imP7ZJrN3GgMJFr-K4mZNEP6AJX5bWhZmXBixnkFlCsSSaA7_L-nLBZ8uoLuW4gkZK44RK8wLkkxCc01X-yp7JFPLeu2eaYqc5ltWg6GoglaSSe5s7iv6VxdtJqSpP-VSz_wdv8r1O4E__C1UXK71-1W6VdJvpUh-PCB_yz2-_6JQci7_FcUPML_I7M2m21mKaWif3PgF1miea5s6x76MGobWSRXJaeesDpmun_FBlPo70NSIQhyMgLiIS-3IHTsViqDfwE-wUIe30Iyv7b8ZiLUW0AJ_Q3cCMLSqMe4EWKOR11pmkBY00bNpHDRqHUHnuBMA23uryCOi0EjE4iGTCwuZF08Vd8LogrusjLRGTvF3jxvp1bKmAGQVt4Kjhv051-48NQ8l_cY-R_tuUXSypzRXdZSuENOUw1q3OAaP_Na5O7t7G4oNurJYqG7AWgLaYcop1Yyqljsgl3sS1YhnZutWoaBdmzKUZynbIc-jYCW3_M7ttONWL5YvHntiWrm25v8r9CWzl6Juvk0Tk_2ohovRguJVT9hImONpRmcaF89cDzXSNfXo8D2KhBAK3FGWopp8NzDZOKXqj8OqSUquYc9tomFMpZmIeualVG4nKPd1IZqNEfrUOHxDWzZ0Lbzz-qKYErzipXF9BBcOeg__xuj3-PhEUFTfnNyMumg1YbWXMI4WSy4er5dVqgYlAzY-LsTLvIeV_pplq_SkdNJ1ZL3e1NotePfag2xXr6WZOQYIHOH1q0sTbTQw6YBnx7V3kdNM0M90QPoPLM8rV9lia3KShpx4CF5bqtLzi41j1G3-LH3OKoPo3WycH-VkskF_CigJSsB674UdojzpREftYJTzLwgugEL-Pj4rCHkexCaGdY2qadQ3pTyGaAUXIPhyyNqxcGXGUfxrJ3Rw6ZJeeab3CJAA2heGbXeGKNS0q0MecfVi4FaHKF5jtCwbp_cAXBT2vD3SzPh_IqmaVim5dEiI5exuQHX6OFbQuPlt7HcGk4j6pIfEzh6B1Ij1SdRMW9N9hzXvc0aZkVfiR5JxU65IP_r-WTemCO44HoagOd-iuCtD17uHZ_pfaUgFhKnUM573V9gXnf-ReszPugxikdzl6xJznsCMxWZT23EC3URTEh0LN1fBbOaxHs7Zp-v96-jTAJuwb9uqObTW_8N7-ttpK1ROyIVa2g4YEC6AyqJtR7DpU-u_antWsqsC5BzUingmW9jbeugwaIbuOUJWVTKldBCthKc0fb19JB9OvONJ5kxykyL4Q8X5bXlny6MWk4UurFxqrLKRxg5ubMXwgkxpzrHSjzK9wn9oxrl7FrS97weYILVTDbTPO3x03qmlRXrdEtqn2VwgnosBR50mQ3AQKOmkFS99IjmxcIKwfUMcmJJqoY5U-mt1bvxYxTkONoD3rD2OsZvivNfTw8s81rUV8_fXZ2dACJR8hsk2TfXCrd5L5i-TlSnE6rlBvfvaeqmdkGvFRpFdcq0khFkYxIlORw_-Lz683sYZtEidbXSKclTKpoLyMASjq_y43aiYy55sd043QpAHA-0zgIWs3MoNKd-tuqvy7HdUJjjRkLpwiifNkovdM7jfKAoJxu4JV4EJGw6vNChdBcNobT74zP01rOJYfPQJ8cFkXPpUsKbVHG1UmEdPRJ6WFA4uNls15E-s1D4Tm7gbEYibJUOkJV7F8Zk3swS1-3UUX7B5woIE5ZkEKQPeHeX8Z_tGhYYkSriyq_qDextHBgMe7wbQBplYVmB_LYkl5T9FxyOQ6tgWDDs7Hp-xt2YylWEmBEES0uwBC-ohV_4LVPyp-BYDUPsCH-lSn2uoG7RsK8PqcjfGTxBr4JqwehNGVkPYsa5Z_XCFXneMT053QoG5ZQh7Y5_V3k5S4QfaB4Lg25-4h0tYxhmmptX9Yy1R8alxjT5PqJxceZSFhp5DeWJHyzQLSVCUkrCzDHew0nD0z6eZ5Pqx-xSUIgegoydXN9wGFlzUOC0xQVTpdsuM_5MYomX09U5qE3Bg6XZ8bp1UFla7hIMF0yN2e3uBC5CtJpeZxEQJ7AbrItK6oralwgaifA-4wdkIExTli2V5VAQUGxqOnp69zYJlwSgtJPJEFJHwW3tOLLpjlPpB7KHaGUHhUXdbOFxKCKsgdMIUWosxOyif15HeEKO1SpfLiTz-AwREdlMEhfcnU__5SXb2bqZeVeGIyATerlZk7hrcBpzexdgljH1Li_kF4GKQhhi1ZciJn4CLQkNW5hzRZFUr-8_ob2w228HusJ6XNyJ6QHdlnpLKWa-eYQSa1fVKm48U3TL44NIZ7gPfUI3Su9qow7bm3PjWghO484xcEexe7QqfoGp81nvmX1kepQ-pcN6Mcg6k5Ye09NQfFKv2DYg94K_LFBEUii8a7TipCiPS-46CxYf1JcjyK11m6uUP450OgfwCngmrUjeoU9Kv8a2gpIcuZNVOog55Ch0YyuNmaHlYKgaLyy0CbEpE-6Jxr3E09RtounAswhosZepkuiG4glYOM7xsARMWYlIx1yNe9NNQXw1NZdqu_iorFLbGSx1Y3btlcyxUDyLr7ClI7MhMLRBNeh6F7Uj-rhMWSKObZJ_xDrszqLBuIOsl947qWe5bALW4kWD6Yik9OptHhbYWqH-LZ0MICiSmK5QeY8-wr_WM62CAnBeSbd-SGFMiab6DNYu2dKoH3Xa1gy8jC8pm-8fxTOzW_g4xyJbZuURct4sGh5j3Y1kChrmGJ8Wzzp-5vC4QXJfOBTactxdxTOZOT275CDyMdlkfW5myziNPUqOBI69SM63Y52DggrS7a8UJD1RZQ9OeUP-47kWKu59D7zxRJF-t8S4fs2hZoZ6xOBNI9c2__fyJLHTjO59ytPPt3pzBvbOH89LfPh25gCnAKVSt4qgDHifFCq8xQEFKpNphwGLTn_I5in4ZorhxTQaLZ75DpwfgGCVPU_N2H1EY_BlWT2kpKxZNPXBh1jXx54-EoeXTD4Xld5RsJCfMo2c8AhGpl8_XPOEYZjaMKEed5LgDlpX1IIfPF6-tC5RL-mvxLxrzqowU793AoGXpwh8kg1o5oDQwsYhpKZ3tS5wabV7wf33eignUOT6nzyZDBEidzljh_ZC7clLzbM8H57cZMiKfhbhwDC9A19ADJZo020zNwgWCKEG2Jju1PPqhyVX6lJ9xt0o3r9-99Co7a_sPCHpJYixbMTyk0V394_GAMcgA-T42hCah0dmbBnohAnouRHjx3dWbb1XzLt6arbVSLbtOz5g5SnLTJP86XzFDVKw3gOZbcFNnEUZ0uzuupIQ_f-nsbrRipYsSlEtec_UlbTlGyHuRfFoz1NytBXLHwy-NwatRLrlQtKcr21CXjdOw-FvNsNFlOnVXbIR9L3LUe59pyqJFaxire07r0ZbeoI7e2skJNYpsZPhAwEZevm06uCvkywQWdB2QfS0NqOhzhEkKl-vlz0GwAO5w83gehJGKVh-AZ2FHj7O8zd6rU-sn1a1RpylA5TVI4a37Nvq3JR&cid=CAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zulubet.com%2F&ds=l&xdt=1&iif=1&cor=10645762170863964000&adk=521587874&idt=127&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 23:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 23:39:12 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame D025 12 KB
4 KB 74ms
24ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1697706453787943&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjgRZ1fEwZeeLMLqvn88PotKw4AWm5b2gaYWVnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoEkQJP0OQ2qk3UfRe45JOo360tcz_urxPuNQVwBSjh7zqAzMX2Cxfno6AMiAEuXRT3ZqYLGiUsp0-nkAF8m3gL9lokv1zE-0V1BkqhOVOMrnzifvvzfGtyEeRDMl7ffIQQ0X9-UK0eTRf_YXBdApM3r35GZFhEFld4F1tBHJIzadf3uyun2b0xwmGYqTSR1GYZccUxyb09_W8nqRsQmgq1G3MCeEHgD5hAg4ZSTl88akJxHwppnbaDvX_zOdBz682AWCcjppUIdoB7njVrcRRNDsR9OCUfMWUzA0WTjEmlr_HTQjjgalYy4GaVh4pTHobGKLpHcJM41MtTBxQfw11gYym4RL9Ey1Q3mKKVoDciyvSUKlzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIp8rxsOGBggMVutfnAx0iKQxcEAEYASAAEgKpqvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB%26sig%3DAOD64_0efX0lrL9nX2WJHbShnLt9Y8QbLg%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AGBMV_eDCqijRBw-467VTmsohJNan60Qr89vqxCZmquGhudKT9qq_elGe6m_p724DnsRfG2BX89dHhucTvdH4HxnzANdkE-Y1UDBjUdbJW4M4T-FN1Vm24ASH6zG2JK2Dj6VtJEoeRXUOCGn0VKs2xFupfQ2qrqGK3Gc3xReDNy6if3Hw%26cry%3D1%26dbm_d%3DAKAmf-C76y0wXm-8b7I9HTQ7UK7-8iBOudt7f59cCtXN5N95xi-GWhXv4S0NP7iEOiji2N5-HYq4fbi02v_yWzuNk6LkZIGx8PuES5hOa0A1iYLhdsIMAP8mxHE4-PWw-fwYfw6HMn53LXd1rhpD7VLWtFVwrB1KNTBQP2k-P-VAAZ_IpYyp56i9yazavhjGc5pYW9IeJm1ubUsubVJjBOLpR-WFCvl1v4lv50jznEXYJJRcmxYwrWkmYHgifWdYrdBXL5sf_SQUZbB7A5vQa_UcyQ2-NOn0d-jr1Z4q5dNP1g9BdgumLG_zGdLB-XZciYZVQtOAACUcVLW_fDE1KEpTCZ_Z_BLVN97e0dWCoTSldP9mPvB9YojxTSijbReF5b_CmlfEs5t8cjvqAmDudYGiAAVUJsCkEcIhlLkGEd2U0cTgdq2N5tn_oQFtTUT58KKVVgzdV4ZRVvKds-DFa9TbvInS04wVPKQSH7NRT0zwG38dpoIluAkKs67BJukojFYPRLxM9p4VQrPuxDyMBOGSiV8cm9sj8gE5_QY3PCo8Zzhhw1jLOZY%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2ba6e14f43ee59f6c6f8e3bb68c6487d2cc70432e07d599c19ea2e23013126af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:34 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4233
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame F500
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

149ms
93ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8982153739516837%26output%3Dhtml%26h%3D600%26slotname%3D8551118301%26adk%3D949524668%26adf%3D1677439725%26pi%3Dt.ma~as.8551118301%26w%3D163%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697699253%26rafmt%3D1%26format%3D163x600%26url%3Dhttps%253A%252F%252Fwww.zulubet.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697706453387%26bpp%3D1%26bdt%3D177%26idt%3D331%26shv%3Dr20231011%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C790x280%252C790x280%26nras%3D1%26correlator%3D1177806398676%26frm%3D20%26pv%3D1%26ga_vid%3D519388589.1697706454%26ga_sid%3D1697706454%26ga_hid%3D281170332%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1180%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078831%252C42531706%252C44795921%252C44805112%252C44805533%252C44805681%252C44805921%252C44805931%252C31078301%252C31078965%26oid%3D2%26pvsid%3D2704896093098797%26tmod%3D524980490%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DSRv9sLNbEf%26p%3Dhttps%253A%2F%2Fwww.zulubet.com%26dtd%3D335&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=5261103813532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335
Protocol: HTTP/1.1
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: d6087acaa274a3252f6d52ddb3582e93e369aee84b15b50bc7846ca9d55776be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 09:07:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 93078200051456404444556012482021
Connection: close
Content-Length: 1306
Expires: Thu, 19 Oct 2023 10:07:35 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 09:07:34 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8982153739516837%26output%3Dhtml%26h%3D600%26slotname%3D8551118301%26adk%3D949524668%26adf%3D1677439725%26pi%3Dt.ma~as.8551118301%26w%3D163%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697699253%26rafmt%3D1%26format%3D163x600%26url%3Dhttps%253A%252F%252Fwww.zulubet.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697706453387%26bpp%3D1%26bdt%3D177%26idt%3D331%26shv%3Dr20231011%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C790x280%252C790x280%26nras%3D1%26correlator%3D1177806398676%26frm%3D20%26pv%3D1%26ga_vid%3D519388589.1697706454%26ga_sid%3D1697706454%26ga_hid%3D281170332%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1180%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078831%252C42531706%252C44795921%252C44805112%252C44805533%252C44805681%252C44805921%252C44805931%252C31078301%252C31078965%26oid%3D2%26pvsid%3D2704896093098797%26tmod%3D524980490%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DSRv9sLNbEf%26p%3Dhttps%253A%2F%2Fwww.zulubet.com%26dtd%3D335&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=5261103813532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 19 Oct 2023 10:07:34 +0200

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B54 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 16:21:58 GMT
expires: Thu, 17 Oct 2024 16:21:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FB33
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
29ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
expires: Thu, 19 Oct 2023 09:07:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:34 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response
pagead2.googlesyndication.com/bg/ Frame 40E2 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:00:03 GMT

GET
DATA 200
OK truncated
/ Frame 5910 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 077384909cbb42379ffef2a592cd07d4006c0525fb1d585e51f0a07fdb2b3761

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8E96 38 KB
13 KB 31ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 540035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Oct 2023 03:06:59 GMT
expires: Sat, 12 Oct 2024 03:06:59 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5910
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CSrf51fEwZbuwLZipiQbZyarIAeX-sMhzkKywpakQ4OH78s0wEAEgm8XRCWCVgoCAsAegAbyz9rkpyAEJqQIHHZwZ4KuxPqgDAcgDywSqBIICT9BDIqtkZ6WDrpxfojmrmnxuHt692ehzD7c...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212343433556008677704%22,%22debug_reporting%22:true,%22destination%22:%22https://leslunes.de%22,%22event_report_window%22:%...

0
0

59ms
59ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212343433556008677704%22,%22debug_reporting%22:true,%22destination%22:%22https://leslunes.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211127331260%22],%224%22:[%2210-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217486080939820666625%22}&andc=true

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12343433556008677704","debug_reporting":true,"destination":"https://leslunes.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11127331260"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"17486080939820666625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Oct 2023 09:07:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 19 Oct 2023 09:07:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12343433556008677704","debug_reporting":true,"destination":"https://leslunes.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11127331260"],"4":["10-19"],"6":["true"]},"priority":"500","source_event_id":"17486080939820666625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response
pagead2.googlesyndication.com/bg/ Frame 524B 37 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:00:03 GMT

GET
H/1.1 200
OK request.php Show response
hal900025.redintelligence.net/ Frame D025 4 KB
2 KB 161ms
94ms Script
application/x-javascript 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4039593d95&subid=&uid=682ec01cba19238c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjgRZ1fEwZeeLMLqvn88PotKw4AWm5b2gaYWVnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoEkQJP0OQ2qk3UfRe45JOo360tcz_urxPuNQVwBSjh7zqAzMX2Cxfno6AMiAEuXRT3ZqYLGiUsp0-nkAF8m3gL9lokv1zE-0V1BkqhOVOMrnzifvvzfGtyEeRDMl7ffIQQ0X9-UK0eTRf_YXBdApM3r35GZFhEFld4F1tBHJIzadf3uyun2b0xwmGYqTSR1GYZccUxyb09_W8nqRsQmgq1G3MCeEHgD5hAg4ZSTl88akJxHwppnbaDvX_zOdBz682AWCcjppUIdoB7njVrcRRNDsR9OCUfMWUzA0WTjEmlr_HTQjjgalYy4GaVh4pTHobGKLpHcJM41MtTBxQfw11gYym4RL9Ey1Q3mKKVoDciyvSUKlzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIp8rxsOGBggMVutfnAx0iKQxcEAEYASAAEgKpqvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB%26sig%3DAOD64_0efX0lrL9nX2WJHbShnLt9Y8QbLg%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AGBMV_eDCqijRBw-467VTmsohJNan60Qr89vqxCZmquGhudKT9qq_elGe6m_p724DnsRfG2BX89dHhucTvdH4HxnzANdkE-Y1UDBjUdbJW4M4T-FN1Vm24ASH6zG2JK2Dj6VtJEoeRXUOCGn0VKs2xFupfQ2qrqGK3Gc3xReDNy6if3Hw%26cry%3D1%26dbm_d%3DAKAmf-C76y0wXm-8b7I9HTQ7UK7-8iBOudt7f59cCtXN5N95xi-GWhXv4S0NP7iEOiji2N5-HYq4fbi02v_yWzuNk6LkZIGx8PuES5hOa0A1iYLhdsIMAP8mxHE4-PWw-fwYfw6HMn53LXd1rhpD7VLWtFVwrB1KNTBQP2k-P-VAAZ_IpYyp56i9yazavhjGc5pYW9IeJm1ubUsubVJjBOLpR-WFCvl1v4lv50jznEXYJJRcmxYwrWkmYHgifWdYrdBXL5sf_SQUZbB7A5vQa_UcyQ2-NOn0d-jr1Z4q5dNP1g9BdgumLG_zGdLB-XZciYZVQtOAACUcVLW_fDE1KEpTCZ_Z_BLVN97e0dWCoTSldP9mPvB9YojxTSijbReF5b_CmlfEs5t8cjvqAmDudYGiAAVUJsCkEcIhlLkGEd2U0cTgdq2N5tn_oQFtTUT58KKVVgzdV4ZRVvKds-DFa9TbvInS04wVPKQSH7NRT0zwG38dpoIluAkKs67BJukojFYPRLxM9p4VQrPuxDyMBOGSiV8cm9sj8gE5_QY3PCo8Zzhhw1jLOZY%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-8982153739516837%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DCM3lSmUccX%26p%3Dhttps%253A%2F%2Fwww.zulubet.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=7174766040300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1697706453787943&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjgRZ1fEwZeeLMLqvn88PotKw4AWm5b2gaYWVnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoEkQJP0OQ2qk3UfRe45JOo360tcz_urxPuNQVwBSjh7zqAzMX2Cxfno6AMiAEuXRT3ZqYLGiUsp0-nkAF8m3gL9lokv1zE-0V1BkqhOVOMrnzifvvzfGtyEeRDMl7ffIQQ0X9-UK0eTRf_YXBdApM3r35GZFhEFld4F1tBHJIzadf3uyun2b0xwmGYqTSR1GYZccUxyb09_W8nqRsQmgq1G3MCeEHgD5hAg4ZSTl88akJxHwppnbaDvX_zOdBz682AWCcjppUIdoB7njVrcRRNDsR9OCUfMWUzA0WTjEmlr_HTQjjgalYy4GaVh4pTHobGKLpHcJM41MtTBxQfw11gYym4RL9Ey1Q3mKKVoDciyvSUKlzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIp8rxsOGBggMVutfnAx0iKQxcEAEYASAAEgKpqvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB%26sig%3DAOD64_0efX0lrL9nX2WJHbShnLt9Y8QbLg%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AGBMV_eDCqijRBw-467VTmsohJNan60Qr89vqxCZmquGhudKT9qq_elGe6m_p724DnsRfG2BX89dHhucTvdH4HxnzANdkE-Y1UDBjUdbJW4M4T-FN1Vm24ASH6zG2JK2Dj6VtJEoeRXUOCGn0VKs2xFupfQ2qrqGK3Gc3xReDNy6if3Hw%26cry%3D1%26dbm_d%3DAKAmf-C76y0wXm-8b7I9HTQ7UK7-8iBOudt7f59cCtXN5N95xi-GWhXv4S0NP7iEOiji2N5-HYq4fbi02v_yWzuNk6LkZIGx8PuES5hOa0A1iYLhdsIMAP8mxHE4-PWw-fwYfw6HMn53LXd1rhpD7VLWtFVwrB1KNTBQP2k-P-VAAZ_IpYyp56i9yazavhjGc5pYW9IeJm1ubUsubVJjBOLpR-WFCvl1v4lv50jznEXYJJRcmxYwrWkmYHgifWdYrdBXL5sf_SQUZbB7A5vQa_UcyQ2-NOn0d-jr1Z4q5dNP1g9BdgumLG_zGdLB-XZciYZVQtOAACUcVLW_fDE1KEpTCZ_Z_BLVN97e0dWCoTSldP9mPvB9YojxTSijbReF5b_CmlfEs5t8cjvqAmDudYGiAAVUJsCkEcIhlLkGEd2U0cTgdq2N5tn_oQFtTUT58KKVVgzdV4ZRVvKds-DFa9TbvInS04wVPKQSH7NRT0zwG38dpoIluAkKs67BJukojFYPRLxM9p4VQrPuxDyMBOGSiV8cm9sj8gE5_QY3PCo8Zzhhw1jLOZY%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bc59dcc3eb5e32df0bec16cd2e1d59d9fb1375e5b16235e0a19cda478ffb3419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 09:07:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 52595300048088304444550012482025
Connection: close
Content-Length: 1332
Expires: Thu, 19 Oct 2023 10:07:35 +0200

GET
H3 200 QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B54 37 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:00:03 GMT

GET
H3 200 QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9349 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:00:03 GMT

GET
H3 200 QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E96 37 KB
14 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVp2p3XlSy0Ioz_C1lJtz692ywMRVbbwNCkeEp2HkD0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Oct 2024 22:00:03 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 Oct 2023 09:07:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adv.office-partner.de/ Frame 487B 930 B
931 B 441ms
19ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8982153739516837%26output%3Dhtml%26h%3D600%26slotname%3D8551118301%26adk%3D949524668%26adf%3D1677439725%26pi%3Dt.ma~as.8551118301%26w%3D163%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697699253%26rafmt%3D1%26format%3D163x600%26url%3Dhttps%253A%252F%252Fwww.zulubet.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697706453387%26bpp%3D1%26bdt%3D177%26idt%3D331%26shv%3Dr20231011%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C790x280%252C790x280%26nras%3D1%26correlator%3D1177806398676%26frm%3D20%26pv%3D1%26ga_vid%3D519388589.1697706454%26ga_sid%3D1697706454%26ga_hid%3D281170332%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1180%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078831%252C42531706%252C44795921%252C44805112%252C44805533%252C44805681%252C44805921%252C44805931%252C31078301%252C31078965%26oid%3D2%26pvsid%3D2704896093098797%26tmod%3D524980490%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DSRv9sLNbEf%26p%3Dhttps%253A%2F%2Fwww.zulubet.com%26dtd%3D335&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=5261103813532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 19 Oct 2023 09:07:35 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 26 Oct 2023 09:07:35 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK 89f7480c0afa0150827cf163f8728151 Show response
pv.medialead.de/trck/epv/ Frame D4F6 0
616 B 599ms
184ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8982153739516837%26output%3Dhtml%26h%3D600%26slotname%3D8551118301%26adk%3D949524668%26adf%3D1677439725%26pi%3Dt.ma~as.8551118301%26w%3D163%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697699253%26rafmt%3D1%26format%3D163x600%26url%3Dhttps%253A%252F%252Fwww.zulubet.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697706453387%26bpp%3D1%26bdt%3D177%26idt%3D331%26shv%3Dr20231011%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C790x280%252C790x280%26nras%3D1%26correlator%3D1177806398676%26frm%3D20%26pv%3D1%26ga_vid%3D519388589.1697706454%26ga_sid%3D1697706454%26ga_hid%3D281170332%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1180%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078831%252C42531706%252C44795921%252C44805112%252C44805533%252C44805681%252C44805921%252C44805931%252C31078301%252C31078965%26oid%3D2%26pvsid%3D2704896093098797%26tmod%3D524980490%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DSRv9sLNbEf%26p%3Dhttps%253A%2F%2Fwww.zulubet.com%26dtd%3D335&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=5261103813532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Thu, 19 Oct 2023 09:07:35 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: D972DA14:D800_91EFC182:01BB_6530F1D7_25E2D30:19773

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 80E8 0
616 B 603ms
188ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Thu, 19 Oct 2023 09:07:35 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: D972DA14:D802_91EFC182:01BB_6530F1D7_25DE134:19774

GET
H2 200 link.html Show response
track.webgains.com/ Frame F500 2 KB
2 KB 528ms
110ms Script
text/html 13.41.39.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=93078200051456404444556012482021&nw=1
Requested by: Host: www.zulubet.com
URL: https://www.zulubet.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.39.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-39-134.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: d352be99a0ea148d76243b6e5f8307dea8f876963b01623d277d6478fd0adf45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
last-modified: Thu, 19 Oct 2023 09:07:35 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 19 Oct 2023 09:08:35 GMT

GET
H2

200

activityi;dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819 Show response
8019191.fls.doubleclick.net/ Frame D0FC
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819?

391 B
327 B

75ms
73ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819?

Requested by

Host: www.zulubet.com
URL: https://www.zulubet.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

4911c72e64973b56dacda1199b1acec330fc2f151c0bddeca39401b272036aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:35 GMT
expires: Thu, 19 Oct 2023 09:07:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 4867 7 KB
2 KB 67ms
23ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=63a2be29f4&subid=&uid=08080716f7966840&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCLcP41fEwZdXnMfapn88Ppc2PwASm5b2gaZ2cnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoElgJP0NUokusLABmllSIzQCvShqCnYZYv3ArYuAZJVGZD-uIY2Nikr0B5YCtR_X1gr9VQk2uD0RAeXo4ny-bAhEyyCillqgAYjzyrNhR7isct57G8Q6F16_P0dQrnTe9Ya4ccn7oF7WukSpEBQim3ME7S9zlowcYx5k-Bc3lXaP5loTaCP0y98J5NhfeUpTTttHKpHCf4zNcDMQut51a4CUZwj4hD9WAN7GICL_MY2LYhlJJtBYemuBS-HhehE7OmU_iN7cJF6hkO8ExjDX-dQv43iruFRNyRNuBjOdV14YRoqPJaC9DzrW6GnTs1km0ONik7697NzF35cm-oxOSQyQlOvc83Y4OrN7sKysGrX_p2mFe88T7EmMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIlabzsOGBggMV9tTnAx2l5gNIEAEYASAAEgIHHfD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB%26sig%3DAOD64_35A3QCZDr7vBpDm98qDJjPUEk6tw%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AmXHdX19VxkpYybv_yvabjlfVscOZO8I3pb5Kd5htyMq_2Uz9tGQ7P-Kw9EhVo2pdPhBFUB4YN8Lk69QMvoahvZK6LSs2SQRhr-FoPut9mIYgQEzoeR_9JaTrDsjlvXr1bWGtbcaq5eb0ivVj42hE8Iqvb7py75l6lk2YfbyC7FuTvLzE%26cry%3D1%26dbm_d%3DAKAmf-ASPjzaKzac0Tke-VXxGL1x-DYM_NvVt4OuOrUmgI9Q4LWjY8b_iO4ed1hI9k-RPD6zZZNftIf8dmRv9_IlYNnEJonkwHFFtPTkijsjwf1I0rn1EvkzbipgeYs_EsNo_wjqMDMVaxtXuGALR09W5ETRyYXruV_gxUgPqw2MCpZR5k_rY2Hr7c2jnE-7M-prHoKgg6h_ES0pBEgCcQT30_QWszXJSByT1z-pb51CD5x0dnz2DalVu5T952sQIBY_enV3p5Il5_2CCuwkQQCsENgZYhChUEdR8DWsPI9oH1lcJ53PeDk8enbYtWEVC877XbDAcyj-CB6tfZTq1gf2dXvNLkaRFsGDIOcC-0Sexje8vhboiJevKOUvBCoJtuCOPCnvy9jt4SZHorqSRpnq1KBBYwthzn4IzT_Iokut4Y_I5q17onqjXeZ5tPAqf-rWnViqzzjTWiTT3QBFEqjpXEAbIf9_HB14f_qerFnQg1ZK-7hyKtbPIEJ0eX1McKPcLsarh4p-LILy00Igy3mhL9xgSNJdPaZ8FLYRWljUdBulaHKN-bg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8982153739516837%26output%3Dhtml%26h%3D600%26slotname%3D8551118301%26adk%3D949524668%26adf%3D1677439725%26pi%3Dt.ma~as.8551118301%26w%3D163%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1697699253%26rafmt%3D1%26format%3D163x600%26url%3Dhttps%253A%252F%252Fwww.zulubet.com%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1697706453387%26bpp%3D1%26bdt%3D177%26idt%3D331%26shv%3Dr20231011%26mjsv%3Dm202310180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C790x280%252C790x280%26nras%3D1%26correlator%3D1177806398676%26frm%3D20%26pv%3D1%26ga_vid%3D519388589.1697706454%26ga_sid%3D1697706454%26ga_hid%3D281170332%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1180%26ady%3D447%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31078831%252C42531706%252C44795921%252C44805112%252C44805533%252C44805681%252C44805921%252C44805931%252C31078301%252C31078965%26oid%3D2%26pvsid%3D2704896093098797%26tmod%3D524980490%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Dd%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DSRv9sLNbEf%26p%3Dhttps%253A%2F%2Fwww.zulubet.com%26dtd%3D335&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=5261103813532&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 22df92a529f9166f6734f918331ea87f64fa454df1ebed4f6b2b30b3a0e6602a

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2062
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Oct 2023 09:07:35 GMT
Expires: Thu, 19 Oct 2023 10:07:35 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame F500
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
632 B

347ms
194ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800104416","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: D972DA14:D80E_91EFC182:01BB_6530F1D7_25B4B97:1193B
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93078200051456404444556012482021&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Thu, 19 Oct 2023 09:07:35 GMT
server: nginx
content-length: 154
content-type: text/html

GET
DATA 200
OK truncated
/ Frame F500 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f2b10fa1f69006ed6fbdf45a61fc7ca3aedd53673216860027f020e38a97a31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
adv.office-partner.de/ Frame 3B79 930 B
930 B 28ms
20ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4039593d95&subid=&uid=682ec01cba19238c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjgRZ1fEwZeeLMLqvn88PotKw4AWm5b2gaYWVnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoEkQJP0OQ2qk3UfRe45JOo360tcz_urxPuNQVwBSjh7zqAzMX2Cxfno6AMiAEuXRT3ZqYLGiUsp0-nkAF8m3gL9lokv1zE-0V1BkqhOVOMrnzifvvzfGtyEeRDMl7ffIQQ0X9-UK0eTRf_YXBdApM3r35GZFhEFld4F1tBHJIzadf3uyun2b0xwmGYqTSR1GYZccUxyb09_W8nqRsQmgq1G3MCeEHgD5hAg4ZSTl88akJxHwppnbaDvX_zOdBz682AWCcjppUIdoB7njVrcRRNDsR9OCUfMWUzA0WTjEmlr_HTQjjgalYy4GaVh4pTHobGKLpHcJM41MtTBxQfw11gYym4RL9Ey1Q3mKKVoDciyvSUKlzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIp8rxsOGBggMVutfnAx0iKQxcEAEYASAAEgKpqvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB%26sig%3DAOD64_0efX0lrL9nX2WJHbShnLt9Y8QbLg%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AGBMV_eDCqijRBw-467VTmsohJNan60Qr89vqxCZmquGhudKT9qq_elGe6m_p724DnsRfG2BX89dHhucTvdH4HxnzANdkE-Y1UDBjUdbJW4M4T-FN1Vm24ASH6zG2JK2Dj6VtJEoeRXUOCGn0VKs2xFupfQ2qrqGK3Gc3xReDNy6if3Hw%26cry%3D1%26dbm_d%3DAKAmf-C76y0wXm-8b7I9HTQ7UK7-8iBOudt7f59cCtXN5N95xi-GWhXv4S0NP7iEOiji2N5-HYq4fbi02v_yWzuNk6LkZIGx8PuES5hOa0A1iYLhdsIMAP8mxHE4-PWw-fwYfw6HMn53LXd1rhpD7VLWtFVwrB1KNTBQP2k-P-VAAZ_IpYyp56i9yazavhjGc5pYW9IeJm1ubUsubVJjBOLpR-WFCvl1v4lv50jznEXYJJRcmxYwrWkmYHgifWdYrdBXL5sf_SQUZbB7A5vQa_UcyQ2-NOn0d-jr1Z4q5dNP1g9BdgumLG_zGdLB-XZciYZVQtOAACUcVLW_fDE1KEpTCZ_Z_BLVN97e0dWCoTSldP9mPvB9YojxTSijbReF5b_CmlfEs5t8cjvqAmDudYGiAAVUJsCkEcIhlLkGEd2U0cTgdq2N5tn_oQFtTUT58KKVVgzdV4ZRVvKds-DFa9TbvInS04wVPKQSH7NRT0zwG38dpoIluAkKs67BJukojFYPRLxM9p4VQrPuxDyMBOGSiV8cm9sj8gE5_QY3PCo8Zzhhw1jLOZY%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-8982153739516837%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DCM3lSmUccX%26p%3Dhttps%253A%2F%2Fwww.zulubet.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=7174766040300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 19 Oct 2023 09:07:35 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 26 Oct 2023 09:07:35 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK 89f7480c0afa0150827cf163f8728151 Show response
pv.medialead.de/trck/epv/ Frame 0FA1 0
616 B 188ms
183ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=52595300048088304444550012482025&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=4039593d95&subid=&uid=682ec01cba19238c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCjgRZ1fEwZeeLMLqvn88PotKw4AWm5b2gaYWVnKfJD_AuEAEgm8XRCWCVgoCAsAfIAQmpAgcdnBngq7E-qAMByAObBKoEkQJP0OQ2qk3UfRe45JOo360tcz_urxPuNQVwBSjh7zqAzMX2Cxfno6AMiAEuXRT3ZqYLGiUsp0-nkAF8m3gL9lokv1zE-0V1BkqhOVOMrnzifvvzfGtyEeRDMl7ffIQQ0X9-UK0eTRf_YXBdApM3r35GZFhEFld4F1tBHJIzadf3uyun2b0xwmGYqTSR1GYZccUxyb09_W8nqRsQmgq1G3MCeEHgD5hAg4ZSTl88akJxHwppnbaDvX_zOdBz682AWCcjppUIdoB7njVrcRRNDsR9OCUfMWUzA0WTjEmlr_HTQjjgalYy4GaVh4pTHobGKLpHcJM41MtTBxQfw11gYym4RL9Ey1Q3mKKVoDciyvSUKlzABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgGYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIp8rxsOGBggMVutfnAx0iKQxcEAEYASAAEgKpqvD_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB%26sig%3DAOD64_0efX0lrL9nX2WJHbShnLt9Y8QbLg%26client%3Dca-pub-8982153739516837%26dbm_c%3DAKAmf-AGBMV_eDCqijRBw-467VTmsohJNan60Qr89vqxCZmquGhudKT9qq_elGe6m_p724DnsRfG2BX89dHhucTvdH4HxnzANdkE-Y1UDBjUdbJW4M4T-FN1Vm24ASH6zG2JK2Dj6VtJEoeRXUOCGn0VKs2xFupfQ2qrqGK3Gc3xReDNy6if3Hw%26cry%3D1%26dbm_d%3DAKAmf-C76y0wXm-8b7I9HTQ7UK7-8iBOudt7f59cCtXN5N95xi-GWhXv4S0NP7iEOiji2N5-HYq4fbi02v_yWzuNk6LkZIGx8PuES5hOa0A1iYLhdsIMAP8mxHE4-PWw-fwYfw6HMn53LXd1rhpD7VLWtFVwrB1KNTBQP2k-P-VAAZ_IpYyp56i9yazavhjGc5pYW9IeJm1ubUsubVJjBOLpR-WFCvl1v4lv50jznEXYJJRcmxYwrWkmYHgifWdYrdBXL5sf_SQUZbB7A5vQa_UcyQ2-NOn0d-jr1Z4q5dNP1g9BdgumLG_zGdLB-XZciYZVQtOAACUcVLW_fDE1KEpTCZ_Z_BLVN97e0dWCoTSldP9mPvB9YojxTSijbReF5b_CmlfEs5t8cjvqAmDudYGiAAVUJsCkEcIhlLkGEd2U0cTgdq2N5tn_oQFtTUT58KKVVgzdV4ZRVvKds-DFa9TbvInS04wVPKQSH7NRT0zwG38dpoIluAkKs67BJukojFYPRLxM9p4VQrPuxDyMBOGSiV8cm9sj8gE5_QY3PCo8Zzhhw1jLOZY%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-8982153739516837%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D2%26xpc%3DCM3lSmUccX%26p%3Dhttps%253A%2F%2Fwww.zulubet.com&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwww.zulubet.com&random=7174766040300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"25200521800103636","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Thu, 19 Oct 2023 09:07:35 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: D972DA14:D80E_91EFC182:01BB_6530F1D7_25B4B7E:1193B

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 05E5 0
616 B 191ms
187ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52595300048088304444550012482025&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Thu, 19 Oct 2023 09:07:35 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: D972DA14:D810_91EFC182:01BB_6530F1D7_25DE135:19774

GET
H2 200 link.html Show response
track.webgains.com/ Frame D025 2 KB
2 KB 472ms
85ms Script
text/html 13.41.39.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=52595300048088304444550012482025&nw=1
Requested by: Host: www.zulubet.com
URL: https://www.zulubet.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.39.134 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-39-134.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 62358501855a09305666a117588c3d27612e207dc5cb26404af453ae2ee38ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
last-modified: Thu, 19 Oct 2023 09:07:35 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 19 Oct 2023 09:08:35 GMT

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame D025 0
616 B 626ms
198ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=52595300048088304444550012482025&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: D972DA14:D9FE_91EFC182:01BB_6530F1D7_25B469F:1193C
x-iplb-instance: 40027
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame D025 43 B
632 B 685ms
252ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=52595300048088304444550012482025&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
strict-transport-security: max-age=15768000
attribution-reporting-register-source: {"SourceEventId":"17200521800103984","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server: nginx
host: pv.medialead.de
x-iplb-request-id: D972DA14:DA00_91EFC182:01BB_6530F1D7_25B6450:1193E
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H3 200 css
fonts.googleapis.com/ Frame 4867 5 KB
682 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Oct 2023 09:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 07:15:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Oct 2023 09:07:35 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4867 25 KB
25 KB 78ms
32ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ed714a245e54150311f80467ac514cb655c1f2c5bd054c6d81d12a00cf1c4f54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25830
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4867 19 KB
19 KB 81ms
33ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3d51b95e0334e6ddb4dfa92933cc185a1c58d9b3b8c8be65f2302831f72ea873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 19696
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4867 27 KB
27 KB 89ms
39ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1b0044f65be47e82c66ca5343961b7f949154df02118e65b61f82fa948d3f8b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:35 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27705
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 487B 175 KB
63 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8be39718183bf045e1c2805e714943742847b5d9ec1c3cde2528b29edaf6d898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 09:07:35 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3B79 175 KB
63 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90a318d3ba3b123a8fb64fc5a9d9035dca71d736d3cd1a8210469ba81635253a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 09:07:35 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B54 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuV5F1vEwZeDEH_yp1PIPkbC48AkAAAAAOAHgBAI&bg=!-fql-rXNAAZy-tsgUvo7ADQBe5WfOEnVPk3biyiqyWnCahzIVbc7b8OD5eSeauEtKC9y8qPpUnplFHrAWD8oiA5eLzoeAgAAAhZSAAAACGgBB5kDKIdtMAa7cV1ahqM6RqCM1w44e6lM1WBIPlSR5lbJR90SMPNJI2YkhmZ93TXf89P64DjjjUIVXlGKCdNuG9ICAK50vVMhfapB7wnueZD83v3ULEc9oajX0e_9qfQ9RRqx7U-GJKEu6vO9JVQOAS6UU28jd2EBTC6TDK3v5g8JGhF-qukItBLQziPjBLi4xYowa36sL7b1E_chnF-6OwTECDZHBLH70eTETA3rm0u_NCwqyPeynQH_dzweZko5IlA4CwWCX1slo0qbyA-xUL_X6tp4r1qMc1WwNQtokM826CVV85sxxMdNEg0hpZsrzoLK5eqA99iua2tmpMfkX1qToq1Q-02ES0LsbV0sOlH_69K5gnv5klIYUZEocDoS1q5x0tJNUDSOHsgt9o5AbeERJ9GIu6-PUagE_oabE3g3OmP_2-Xow2WC6MmFxmZtOm92osmP-KgYcwCWkZRlYHGINcCqF8-TmehbAHi0cV9sYMShftf-N8VUF_y7WHGWvc7x10p4sY0baBRsr0msA1OvPpGBNE0Nqz9mZihfWF8VCLQVjcPYvRlhzgQsnmVdZhOtqqjYY1pH9S8IMrJH6uJ4hrJ5LbfxYyEkajI8Wc-E1tRlQSTmpAcad0tTjwHaqzd0GR4mMn-u0_TNkPd25pJQt0fmNNu7kL0CCkBDJnrOHMypTvoxy5-Wfixe-qu0F6GwA6MRvOID-URC1qh3r3jylkdLnXABk4YqsOoZbjzsaMtdI2sm2J0TD-_jiqKXVR_H_1Z81ejOwKbEU76y19qUFIw5c0brzHyPCr2I3gfiNhekZ-dWYiQ2WvNWiTiPHI6uFpxQJlYoKDPamCCIP8OXMkNcKARc8VGCJYFhaW4GvTNQEOW9FWpj-8reHjevrgDOsCa6h-evYkCT7aHIWC3W5oT_kF62PevIf8Y_sk1M7n4c_rDxKJdAQD-sD3AZIJwRBP2Gx-P2VDZxUhVoabQqer9snl0la6aeiiAQmToVTg7SSBEVWmcq9cjsXdFl7FaFvkHfbdV788GQoG9xHeg1pPXV8aYaD6grL9SdeJwHch8IF1DXTxjCLgo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 4867 0
150 B 81ms
30ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=93078200051456404444556012482021&a=bc996c1a&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:35 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E96 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSNp51vEwZdjVJoHT3gO4tomgBwAAAAA4AeAEAg&bg=!cHOlczzNAAZy-tsgUvo7ADQBe5WfOHCnFBLw2D0jWvYoDRW0UK6CDBxFjoAkjGXxwsYsywt2HYV9jlWoKjv0EKhuiCrEAgAAAdNSAAAABmgBB5kDVrPNBMQ1hSzBULo0Eg6msLluToO7e0OJqi_Q_-oYOnPFbLO1VKiJfyZnoqj0aKPzFN_Hc3nl3dYHsE6NMHx1Am0uRhOwtNUDisr-W1BzVe5PC9DnNlHBeA7YfkEfAcrJGNvDGjRG5BOYD6KG8fMOXPcZWpBryruy2SgBTY4qyXeaNmVvsG_UaA-2kaPvwny5rARj6rbLaec7Z2LB2PLsSCmfUhENhUjtJVBtdkF3BubfGA88xEF080vFei1JiHRX73r69GMgZm8DwqEGZ7UHFxsmoGCUYYjITNsEskSJx22-fq47mVyF_UPds1fP6WEE7aggjxa_o0WujFMCVyhoRu-vVOhATOWsWvXH5mBAoZEktLQlojde8ZO3ZsaTp-uwq_NEhzKHEPnX3W31yts1o4Adkvg3mxr0EWWgTUWT_YTu00Skh7CQebSV-lRVirn1Arqd34goyeXUugK_66eAundXFXVnJQKcTyKJms_xzU_Vo1i7GWrEIqC1L2npMt6MGDTOhsdVScU7HkSZiqdeZNms8aELS-0rxbjiby2PJ5n0ltRrniuwRsft1NyP0i4HiQxHZcDw_jJu0q6rtCJCzuUCVC-KX0IFClqqsbuOUSpH5X-GmZPBAl4OUATBheno5rDwss4dhbOR3q4Nv5S1sExUfb7XB16si8wK006EIoxD7-OKFRDXZRyP2TV8Y1jeqnqhX_ItU_IaYZpDEYDamXMLTLuUrMVFNNezxWSOl6lNf3jK-IEnOpIB3_ZiwnCFK-qLdc7rNDAR5dZPYbfhZQaJ0OT2jebuCNhf4c6WTH-2ghtLz7AhTxZtutaeNwyOKjabndjYNIoX_MkTdZkFsN_orh5yasC0QNPJn3rOzSNT6Le3R3eWqyz-f9gdvfJCEfOWOXirObSVRTprlWFQK1iWxmmU7pQvnxKbPYY2QvEww2mcWDCApLH_1_NnW3TNLmzffvXuGBvyIMrEtJjkuOgIZPa6ypOT5c_M7ewAAA5jceOyI0rN-LXxdXYuPaqThLCEK00zibvXhh7hbLvvAzBEy4szGJVXOAAuvDPKdaMkWmNZyJe5RFQw_1Zxy7znYeSwnSN3BcC5lZfL7UMy65w1Z85sOgXpreBuQdefQ1ysYTt9gEZ7

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 4867 14 KB
15 KB 80ms
28ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 468169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 4867 15 KB
15 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900021.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 537994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 03:41:01 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D025 53 KB
19 KB 269ms
25ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=52595300048088304444550012482025&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 09:58:15 GMT
content-encoding: gzip
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 08:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 83361
x-amz-server-side-encryption: AES256
etag: W/"6aec565d06e446dcf33391d1dafb8b7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: C4jDFlvCMW4z0LnIGFntH6-S9c9nYF97kX-2fK880Uh_RZPtTeQxzg==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame D025 85 B
435 B 261ms
19ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1697706755&Signature=B0f2yQIgw67YiCa52ijZ9vKSyA930m91DEfSCItQlfdIc3XF5KE235qJ9YoiSj~b1iXsvqaS44MNdnjAp7LLCyfNAE31MO3ti-jizONfkqZCpiAe0Reok6W4SVSku96rtrNzwlBxNaYVT3nwRmyI3ZcjcjFWrCyXXBDnK05mnpmY85gHZKQ1S-sLwAIA3EVY5WVsn3y4jPsLE0fVoGjikPkTCUVfyAP7GOiTYUe111jsmTjSXHzwkB~z68qKzFmm~aVZC8Ms5Zvfx9T~MoSS9oTtBlJKd~rJ2pD~JgWpe1BBo3BXz5H3DL3QOEElYgY9YXu4MNhdqPPGL8yJFiC58w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 18 Oct 2023 23:03:21 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 36263
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: wVtto-Kk8gx0pKuCgc0M825VTVurbYtoP40xsfQY_BKGFnQzQ4m09g==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 487B 273 KB
91 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e6f2e33f21ae518d8623a491c2128a3042196a798eb8dd5f43e7f0886f68326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 09:07:35 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame F500 53 KB
19 KB 216ms
23ms Script
application/javascript 18.66.147.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=93078200051456404444556012482021&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-41.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 09:58:15 GMT
content-encoding: gzip
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 08:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 83361
x-amz-server-side-encryption: AES256
etag: W/"6aec565d06e446dcf33391d1dafb8b7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 71bfULzRtsqYDSV_Nxhl4vHKDM39YQwjRLosRk1dXgp2YkMtTCTy-g==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame F500 3 KB
3 KB 212ms
21ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1697706755&Signature=U66BjdwGYxN5F-Mha~XnWQULYzINaD2OwITMENZFfYZfKTJ1oSrAWY1AO7q9c2MZrbQVGY54M9b9bW2OccKncsCkB8ywEVpi~6OWOme8RL7nKywG-H3pJkrn3EJsfOSx7e0ey5aWUu2wWUYhVKKRBgR3NiLHyIfqKOG8UgI-mVHSTrQI66nIiKxAYAMsoeH8QXcelRZ95TOebm-xHRx3TWWs6ICNFW7VPEVi5Uembzd8xoQ7PYFzrfDUlEhNdIP9xH~IeYmz~i1WAFS64noqJWWqROBXarc3KV4KKLrGDQBaPn7ZgFJcKTT2LpqALoJJtIe5~TJUWlU1-P6ZjUdEcw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8982153739516837&output=html&h=600&slotname=8551118301&adk=949524668&adf=1677439725&pi=t.ma~as.8551118301&w=163&fwrn=4&fwrnh=100&lmt=1697699253&rafmt=1&format=163x600&url=https%3A%2F%2Fwww.zulubet.com%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697706453387&bpp=1&bdt=177&idt=331&shv=r20231011&mjsv=m202310180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x280%2C790x280&nras=1&correlator=1177806398676&frm=20&pv=1&ga_vid=519388589.1697706454&ga_sid=1697706454&ga_hid=281170332&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1180&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078831%2C42531706%2C44795921%2C44805112%2C44805533%2C44805681%2C44805921%2C44805931%2C31078301%2C31078965&oid=2&pvsid=2704896093098797&tmod=524980490&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=SRv9sLNbEf&p=https%3A//www.zulubet.com&dtd=335
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 19 Oct 2023 05:49:44 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 11872
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: YcDByLeYNr8H1tiZkncUvPKELn9jaRBkQzOfI9Sf11hwAonaF1hkeQ==

GET
H2 200 dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819
adservice.google.com/ddm/fls/z/ Frame D0FC 42 B
401 B 238ms
59ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CM_m4rHhgYIDFZKHsgod6XMGDQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6982907269076.819?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3B79 273 KB
91 KB 35ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c98ad466c537bebcd591967be557612aade1579740907cef7d0f5199459fbc9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 09:07:35 GMT

GET
H3

200

activityi;dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148 Show response
8019191.fls.doubleclick.net/ Frame 3F63
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148?

391 B
241 B

72ms
69ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

059b96de2a449a2a18bdacdc4259630778b92d6878d9c7b8a2f4272b126508ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:36 GMT
expires: Thu, 19 Oct 2023 09:07:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame E40E 7 KB
2 KB 79ms
26ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f6d8ed6dc4662048577a87d8f90d08c65ef9865636ed6bca1de80455045974a6

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2100
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Oct 2023 09:07:36 GMT
Expires: Thu, 19 Oct 2023 10:07:36 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame D025 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bffab7ac13c746fdc6cdc8c314bf814fc7e4c224106195a007ff147170e2748

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5910 42 B
64 B 102ms
56ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdx-Z9L9EL1j3giRW8XVhqmPADsSysaliQsDdQBPZju3ij_P-GaOIebrVGnkpdWEJkHrBU1SHIsMkm6ZEcnb3vCvawntY9KyyXD5vIAIRaxd-aHIrqMOniEqf0agqqShHtD8x_AEpXv5ok&sai=AMfl-YTNokSnTBw0vYbsDEitTCxH5UmsTfAasHZWKY143UcnOKgY6i5O3KzwKM9Seu1yNXIUnv08io3zaNPuSyv9NyG_ud7H0PJaY2gOqYeOiuNsI5TKjZ0NBFf36RX8vpbuXPJBxkqOdJO6juCu&sig=Cg0ArKJSzECQSDuP5ZW2EAE&cid=CAQSSwDICaaNhGaqVqUb-MYghhOogpFmUXSzJkrfkE3FyRzfcuyEtipg7docibM6ERf-CVY-Nh5p6XkTvDpYO0L5h-3H7WQCWGDNW2A-CxgB&id=lidar2&mcvt=1067&p=0,0,280,790&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2099416891&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697706453703&rpt=1280&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E40E 2 KB
434 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Oct 2023 09:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 09:00:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Oct 2023 09:07:36 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E40E 16 KB
16 KB 70ms
24ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 81606a432859651a432d365e091f3ba09a384b102d88652e75e2497f5e4bca81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E40E 13 KB
13 KB 73ms
25ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f1966d30d096c25dabd4a006486c455fe541221ef2f2b787501c1feda27f806e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13288
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E40E 17 KB
17 KB 72ms
24ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b16a72aab5ab9441565e03b75f193012e53af453fbffabbec58b73e862eb4c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16982
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148
adservice.google.com/ddm/fls/z/ Frame 3F63 42 B
107 B 58ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CLbX97HhgYIDFSJVkQUdTo4BEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5427878095601.148?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame E40E 0
150 B 73ms
25ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=52595300048088304444550012482025&a=b0bab3c0&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:36 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK z-dark-bottom.css
cdn.zulubet.com/cc2/styles/ 3 KB
1 KB 27ms
27ms Stylesheet
text/css 108.138.7.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zulubet.com/cc2/styles/z-dark-bottom.css

Requested by

Host: cdn.zulubet.com
URL: https://cdn.zulubet.com/cc2/z-cookieconsent.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-5.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

7f306d857bb5b152679fe902b847e4675d6e851b74df78d520758defc2158725

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 21:44:39 GMT
Content-Encoding: gzip
Via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-P6
Age: 732177
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Hit from cloudfront
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 773
X-Amz-Cf-Id: 6A8AGFZREOk9AOtrqFq3n5olsJ3LuyfYr6oqjihFuZUfrooX7RWYzw==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
76ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de9dbf01d7c2e6c4c6b05e2086b5887c82d9abd417ff5657a37c489b8879b253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12268
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F500 42 B
64 B 60ms
58ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstipZRsxpECbK3e-RjbXEblLLlz9T_UQGuW_p4ylGmEZL0AfpannXu6RoIg0tNWr6VOwScubIuyZllp9IpYgVct_uNpTxHlVxhOgTgMSTwHj4l9pbeYSXKDXal0XqyWXQA&sai=AMfl-YRBcdilsV2Fj9Nf3XiP3llMGeC-0rLEyq6TpRNldlIiEWOizAWXEHAPlKj_6LGVTZV2qoQtPuHdTpMEXHl-jOOoqsnz2upluRY19muVa0BaVvJa7PQ-rUwiJe35dK55vM2cP-pnU3sLyWGJ&sig=Cg0ArKJSzIIyxWyKyh9BEAE&cid=CAQSSwDICaaNbBw0YE_sXqI6qiY4OP07Zo-AMLOdX4fzBXaD1ZnynEcr0EE4Zf-lGdhE7N-nvMKnxrejdwhZMsi1vzVec5E12VTttCLkBxgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=949524668&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697706454260&rpt=962&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 09:07:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E00 13 KB
5 KB 28ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 16:22:12 GMT
expires: Thu, 17 Oct 2024 16:22:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F9CE 829 B
558 B 30ms
29ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

372a8f7b7853766bb5b4ea4b6ad35b90454cc1d076019ced5698ada26f0c5533

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eay-n_UvhDmrD7J-cumlWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zulubet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-eay-n_UvhDmrD7J-cumlWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:07:36 GMT
expires: Thu, 19 Oct 2023 09:07:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F9CE 0
0 77ms
54ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=2704896093098797&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E00 37 KB
14 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 08:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 08:38:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6E00 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xff1Mw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:07:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 4867 0
150 B 72ms
25ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=93078200051456404444556012482021&a=bc996c1a&vb=v
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=93078200051456404444556012482021&a=71334c54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:36 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D025 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYO9ZlFojZSfazEg7h0hP7NrM6rY5RPK6WFewz17GpuYuct4ZltSySLa3GLJfI8p5aukD_0Z-n0i6bqK0TW0w-bDF3tLmPJ04R4Z3VOtYRYd1BGecguUffcLcBr6Gn5LE&sai=AMfl-YR43s3yjMH3SE_YbOkKBDrykoZQt_sKf-ue9HkII1PS0Y9Axmpo1fJXTx15Nd0_Xyyvn4ma9VbqDBCG7R01QLQqZMHhp7peKOvm5vBmNoELjVgcmabsuU5dClEJ6i21fX0xHQb2sTkYPWP9&sig=Cg0ArKJSzCgmJLa1ho0tEAE&cid=CAQSSwDICaaNIBgUylEJ_vTnR8_XwBhHR8DrZJnSwd6yjt-nM6bCmo-y0xRfoPeP4uq4-q3b4RUAWl20WbHndv7OxhvBCGYfHqobH83TsRgB&id=lidar2&mcvt=1076&p=0,0,90,728&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697706454425&rpt=1461&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame F500 16 B
209 B 84ms
83ms Fetch
application/json 13.43.78.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-43-78-194.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Oct 2023 09:07:37 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 134ms
34ms Preflight 13.43.78.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-78-194.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 19 Oct 2023 09:07:37 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 122ms
34ms Preflight 13.43.78.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-78-194.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 19 Oct 2023 09:07:37 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D025 16 B
209 B 87ms
86ms Fetch
application/json 13.43.78.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.43.78.194 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-43-78-194.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Oct 2023 09:07:37 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=2704896093098797&bg=!DQ6lDkHNAAbFpEfJ5aQ7ADQBe5WfODdWfuFMPhhhNAfDW3vYfZdL-brafWDLArSfVmemhxPTUDtKw5tMIZEhVokIsovrAgAAAElSAAAACWgBB5kC-NOQXzDPO6gKdaxjxrQvXC-sbid9FvV10BHnjkDzyLSVP1eeIJWt5uvKv-GZ7B0r8BYBhlPMrrF2N2ERpZCcOmS5-25KGuIGOwDIFzocbUlIf-3M6sTcrMcWtWAYMh1AyOl2abzC_8DeS66A_ZhW7f6Ix6G20jFjCBxiLL4W4EZGK8pTwsiROt140hB3gwObo12grRijtF5cTo3XZzR6KIhx8cqGv3b3JWUoT99Rr6qt-oSV5PFABYj2tXbf1-iIR6cpCv6dV_y45YsctRfNBqXLmxffjePkxKEnohQEbYLqNjcUk0il0AO7ZxIanbWiVzLuoQXtjbQsHoILHaNDL5xXuleNLEH6BJn1kUGzReNxwkw6tBArOMqKFbWyXCsPaPRSyYGlLZnpZWQPZW9desjgLA0bKpPLKtoJKTFf_95Dddb5nw-w9l3-oH7oZQgsCEVlekFlJ1kXzs394u5XgqNSkFnzITcFl2FCMLv21Joio-6c-OR44QxKxo-RRQvHZY8w1WKrOljQMXfBYRSQ0z5JVJiYxl3BSQhY1BZfB1FhgB2oqf1KYIuIqtwWz8AIIbnVnhST_M_cVOMPNQZ5zf4_zwrBO_MBr97buK1Od7M3_mUIByTwo7B3git0jTEshb3CQEwP5jRRU5Z_CaHyp3AP8UQfRTF6gHBx-MI0MYvtNkOs91rCCKyQPpNa5Hra2OmuNhCy39_OcE04xjO90x873yhvlRebMpqOaQAJWDJFAK1zc4wAQe-namiXaVXQpLH1iVmWzchjljzMqBOg4681CF81oZcIHWfVoZDrBTqJMevsu7e8ww0D3Bmj4eO7TALX8t8zMJY_GG0K-pZH8YZe1eB5tkpP_-VETgk31M_jTEW7RU3hUvqAFACbqLUZlAyC939PaUnQ2KqlCtlK4fhHRaonRyBPIkSDKndWAY4KDrx1m91F2Ll6DWQWOGoVz3e2QfdNPcsOlCCmVDoZ81Wr7sdy52urQHqnOdMepHLxiSP3QgMQA68
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zulubet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F500 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=562430780494&version=m202309260101&ct=77&x=1&cor=4505687086479100400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame E40E 0
150 B 73ms
24ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=52595300048088304444550012482025&a=b0bab3c0&vb=v
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=52595300048088304444550012482025&a=41e97468
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 09:07:37 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D025 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4320840604477&version=m202309260101&ct=77&x=1&cor=10645762170863964000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 09:07:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zulubet.com/	1970-01-21 01:11:06	Name: sc_is_visitor_unique Value: rx6491974.1697706453.18CACE53B0DD4F2D1DBBAEEE4F48AC7E.1.1.1.1.1.1.1.1.1
.zulubet.com/	1970-01-21 01:11:06	Name: _ga Value: GA1.2.519388589.1697706454
.zulubet.com/	1970-01-20 15:36:32	Name: _gid Value: GA1.2.704344941.1697706454
.zulubet.com/	1970-01-20 15:35:06	Name: _gat_gtag_UA_20543524_1 Value: 1
.statcounter.com/	1970-01-21 01:11:06	Name: is_unique Value: sc6491974.1697706453.0
.doubleclick.net/	1970-01-21 00:56:42	Name: IDE Value: AHWqTUlT42juGdKY5SCH49EUTHh84t8poBY-EwJTjcu2ReCNqZnKE-E6LBvk1nDz
.casalemedia.com/	1970-01-21 00:20:42	Name: CMID Value: ZTDx1qfc0swVYRQAwS-eXwAA
.casalemedia.com/	1970-01-20 17:44:42	Name: CMPS Value: 5166
.casalemedia.com/	1970-01-20 17:44:42	Name: CMPRO Value: 5166
.doubleclick.net/	1970-01-20 19:54:18	Name: APC Value: AfxxVi4s3XWwJLLyjUA9pXsQvJt8N2JUq6adWPI-ByrN9b6WYxfjgQ
.adnxs.com/	1970-01-20 17:44:42	Name: uuid2 Value: 7353793935623095460
.adnxs.com/	1970-01-20 17:44:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMKq+'s!@wnfH8K6pQK`!5=E<L5?%M<eVw9k/K_Q6iSV)!/Z>O.aRH+pAqE$tdcoGhbpRzqF1`b_3a*2An3
.zulubet.com/	1970-01-21 00:56:42	Name: __gads Value: ID=4b8d4fec617d1f1a:T=1697706453:RT=1697706453:S=ALNI_MawoK_aZ0Wan_u4X20ayqQzjtFHFg
.zulubet.com/	1970-01-21 00:56:42	Name: __gpi Value: UID=00000c9c793ffa89:T=1697706453:RT=1697706453:S=ALNI_MYldOjxsW5fg7_7_I-HHww_4rAJtg
.doubleclick.net/	1970-01-20 15:35:07	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 16:18:18	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 15:35:10	Name: DSID Value: NO_DATA
.redintelligence.net/	1970-01-20 17:44:42	Name: 8lcfmzhxc8d6_uid Value: 2b2a89d3968c1cd6
.googleadservices.com/	1970-01-20 17:44:42	Name: ar_debug Value: 1
.office-partner.de/	1970-01-21 01:11:06	Name: source Value: {"webgains_webgains":{"timestamp":1697706455802,"clickCookie":false}}
.zulubet.com/	1970-01-21 01:11:06	Name: _ga_KK1P5MH3YQ Value: GS1.1.1697706453.1.0.1697706455.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c.statcounter.com
cdn.track.production.webgains.team
cdn.zulubet.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900021.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pv.medialead.de
region1.google-analytics.com
s7.addthis.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
www.zulubet.com
104.18.27.193
104.20.219.77
108.138.7.5
13.41.39.134
13.43.78.194
138.201.220.30
138.201.84.245
142.250.185.70
142.250.186.34
144.76.238.55
145.239.193.130
172.217.18.102
172.217.18.2
18.66.147.41
185.89.211.84
2001:4860:4802:34::36
23.212.201.72
2600:9000:2156:6e00:17:8017:6440:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:806::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9c
2a0b:4d07:101::1
94.23.99.218
99.86.4.36
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
009946f841e477de16f0f5c0739c8879a5ac8647faa6223f5a050f0d1ecb1cc6
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
059b96de2a449a2a18bdacdc4259630778b92d6878d9c7b8a2f4272b126508ac
077384909cbb42379ffef2a592cd07d4006c0525fb1d585e51f0a07fdb2b3761
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4ee580d3b85b57f2c1d323d04eb4482fd5ea5a7c3e57d3dde7ee7df5846208
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a5fe37663c7ec74b80ba81f3c79ddb3d1830181e97f9b394c01f940d3ff2958
1b0044f65be47e82c66ca5343961b7f949154df02118e65b61f82fa948d3f8b5
22df92a529f9166f6734f918331ea87f64fa454df1ebed4f6b2b30b3a0e6602a
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2ba6e14f43ee59f6c6f8e3bb68c6487d2cc70432e07d599c19ea2e23013126af
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
364d2c3c102a6141e06cc7e14f105591e6ee13b787c84df090a8c40719684ba0
372a8f7b7853766bb5b4ea4b6ad35b90454cc1d076019ced5698ada26f0c5533
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d51b95e0334e6ddb4dfa92933cc185a1c58d9b3b8c8be65f2302831f72ea873
415a76a775e54b2d08a33fc2d6526dcfaf76cb031155b6f034291e129d87903d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4911c72e64973b56dacda1199b1acec330fc2f151c0bddeca39401b272036aef
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bffab7ac13c746fdc6cdc8c314bf814fc7e4c224106195a007ff147170e2748
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516d73bcb7131e8b992cdb46f3ce8b6e18cbc617cb13d6d063006dd5352da5dd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62358501855a09305666a117588c3d27612e207dc5cb26404af453ae2ee38ea2
62da44bec3568be531be450582e05f697dec119a7d3ceb6ae0040e86344adca8
67d4fa2f6b38c509136763f3547b7f50d848f81c3ce8c20f1ad3a751745613c9
6b7249c6d06141077a64d7270cd095bd6f3bf5196eb4939bb252827309003d16
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6f2b10fa1f69006ed6fbdf45a61fc7ca3aedd53673216860027f020e38a97a31
70edd2297ecb201306acff5be959f7251f0b8402706bd52e138b6663f2d40c4a
72c86c40840b984e8df9f1d45157af2e7fe84c93abe7ea61fcd939383bebf1be
73e3191e8775f3d00119696caa79759b2ae87b5bf058bf6a66b626eb04580244
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7cdc6517c2c65f2a3abdd9c7508600086b66db6aa6591827337af9d19ec2e0c6
7f306d857bb5b152679fe902b847e4675d6e851b74df78d520758defc2158725
81606a432859651a432d365e091f3ba09a384b102d88652e75e2497f5e4bca81
887973df5bae56efd3c902e3b297c875c8eda9696c0a997aa45c2d72c8a6a139
8be39718183bf045e1c2805e714943742847b5d9ec1c3cde2528b29edaf6d898
8e6f2e33f21ae518d8623a491c2128a3042196a798eb8dd5f43e7f0886f68326
8eb79ebfb95ffabade7c71885bdae45b952e9ab832837fb3ebb41bd6df056594
90a318d3ba3b123a8fb64fc5a9d9035dca71d736d3cd1a8210469ba81635253a
91c19099e080c2ab1ff99b371116afdc6f1d3dda0eeaa125ea680d1a810a3dd0
97822fb89eb778082da07672d6f5bb2a5617f787b2ee54b6536a188fd870e562
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a07987493f5b2be92201c334e482cdd6a9d27983037bac3c70ac2a48b96e9702
a07cdc724363d091108add2cae0fcea6144bf72d292ef1a8b8e09e42b61a0709
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af72552898acd7208ab9261c2c6d2d105bfdc1d5ca7f3c50ddae431d2b2f163d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16a72aab5ab9441565e03b75f193012e53af453fbffabbec58b73e862eb4c76
b2f395085e824edd731fd42a9315d376cf94a79ed655ee88a9b9d74c97a3b5b0
bc59dcc3eb5e32df0bec16cd2e1d59d9fb1375e5b16235e0a19cda478ffb3419
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c98ad466c537bebcd591967be557612aade1579740907cef7d0f5199459fbc9b
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d0cbcdac438ad5a7f7df3bb3e7d00d8845a8dabaa37980ba37f94834d3284d42
d2ab6ade9cae5c26414e78666a0949ddc645748b0b6db20e4c2f5f5967b15eb5
d352be99a0ea148d76243b6e5f8307dea8f876963b01623d277d6478fd0adf45
d543d8a4f078929ac02cef84ee84622eb87e9951121c69f5bbce7c1057c68fde
d6087acaa274a3252f6d52ddb3582e93e369aee84b15b50bc7846ca9d55776be
d7ff07a9c9090794341fe97d494426a8b06472f64f52b8aac507132bb92d5d6d
d9e14f2871c4fd7651fea58568d351022005c31f01a69ad2e3536b1184f33804
dd638405d0d55950ef600f4ec344840851c4077b93e50d09ee28bb6a6d0ebdcf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9dbf01d7c2e6c4c6b05e2086b5887c82d9abd417ff5657a37c489b8879b253
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e08fab994eb10dfab342ea8c594178451e92a54746244e47f90d513c187ae228
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec96718e2907a7f6d12b7e8f3d9228e0436145a5be898700d817fb152f96d6ea
ed714a245e54150311f80467ac514cb655c1f2c5bd054c6d81d12a00cf1c4f54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1966d30d096c25dabd4a006486c455fe541221ef2f2b787501c1feda27f806e
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f6d8ed6dc4662048577a87d8f90d08c65ef9865636ed6bca1de80455045974a6
f7697fa1795284477b1a6ecad67f6fcae56a66c23a6cb1ea967f9430a96d9694
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

www.zulubet.com Open in urlscan Pro 2600:9000:2156:6e00:17:8017:6440:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

93 %HTTPS

50 %IPv6

20 Domains

38 Subdomains

36 IPs

7 Countries

2048 kBTransfer

5165 kBSize

21 Cookies

21 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zulubet.com Open in urlscan Pro
2600:9000:2156:6e00:17:8017:6440:93a1 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

93 %
HTTPS

50 %
IPv6

20
Domains

38
Subdomains

36
IPs

7
Countries

2048 kB
Transfer

5165 kB
Size

21
Cookies

163 HTTP transactions
4 data transactions