a2zapk.io Open in urlscan Pro
2606:4700:20::ac43:4b79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Effective URL:
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Submission: On August 18 via manual (August 18th 2023, 4:05:22 am UTC) from BR — Scanned from DE

Summary HTTP 326 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 19 domains to perform 326 HTTP transactions. The main IP is 2606:4700:20::ac43:4b79, located in United States and belongs to CLOUDFLARENET, US. The main domain is a2zapk.io.
TLS certificate: Issued by GTS CA 1P5 on August 4th 2023. Valid for: 3 months.

This is the only time a2zapk.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:8d79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 35	2606:4700:20:... 2606:4700:20::ac43:4b79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	204.79.197.203 204.79.197.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
78	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
21 28	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
12 26	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
12 19	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
3	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
63	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1 4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1 4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
3 6	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
326	30

1 2606:4700:3035::ac43:8d79 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a2zapk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:20::ac43:4b79 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a2zapk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

a2zapk.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net

srtb.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.186.162 (Grosse Pointe, United States) 21 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 185.80.39.216 (Canada) 12 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.89.211.12 (Frankfurt am Main, Germany) 12 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Sindelfingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.131.233 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
111	googlesyndication.com ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	655 KB
63	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	1 MB
59	doubleclick.net 24 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 ad.doubleclick.net — Cisco Umbrella Rank: 187 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 179726	390 KB
35	a2zapk.io 1 redirects a2zapk.io	94 KB
26	casalemedia.com 12 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	18 KB
25	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 528	191 KB
19	adnxs.com 12 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	14 KB
15	redintelligence.net 3 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 40248 hal900024.redintelligence.net — Cisco Umbrella Rank: 362170 hal900030.redintelligence.net — Cisco Umbrella Rank: 340246 hal900028.redintelligence.net — Cisco Umbrella Rank: 277185	33 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	395 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 126 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 90672	175 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73 ajax.googleapis.com — Cisco Umbrella Rank: 424	65 KB
2	disqus.com a2zapk.disqus.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	28 KB
1	msn.com srtb.msn.com — Cisco Umbrella Rank: 821
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	250 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1212	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	87 KB
1	a2zapk.com 1 redirects a2zapk.com	531 B
326	19

	Domain	Requested by
71	pagead2.googlesyndication.com	securepubads.g.doubleclick.net a2zapk.io ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
63	s0.2mdn.net	a2zapk.io s0.2mdn.net
35	a2zapk.io	1 redirects a2zapk.io cdnjs.cloudflare.com static.cloudflareinsights.com
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net a2zapk.io ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com
28	cm.g.doubleclick.net	21 redirects googleads.g.doubleclick.net
26	dsum-sec.casalemedia.com	12 redirects googleads.g.doubleclick.net
25	play-lh.googleusercontent.com	a2zapk.io
19	ib.adnxs.com	12 redirects googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	a2zapk.io ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com pagead2.googlesyndication.com
8	ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	a2zapk.io ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
6	5994599.fls.doubleclick.net	3 redirects a2zapk.io
6	googleads4.g.doubleclick.net	a2zapk.io
4	hal900028.redintelligence.net	1 redirects ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com hal900028.redintelligence.net
4	hal900030.redintelligence.net	1 redirects ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com hal900030.redintelligence.net
4	hal900024.redintelligence.net	1 redirects ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com hal900024.redintelligence.net
4	securepubads.g.doubleclick.net	a2zapk.io securepubads.g.doubleclick.net
3	adservice.google.com	5994599.fls.doubleclick.net
3	cdn.contentspread.net	hal900028.redintelligence.net hal900030.redintelligence.net hal900024.redintelligence.net
3	hal9000.redintelligence.net	ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
3	ad.doubleclick.net	pagead2.googlesyndication.com
2	ajax.googleapis.com	hal900028.redintelligence.net hal900030.redintelligence.net
2	a2zapk.disqus.com	a2zapk.io a2zapk.disqus.com
2	cdnjs.cloudflare.com	a2zapk.io
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
1	srtb.msn.com	a2zapk.io
1	region1.google-analytics.com	www.googletagmanager.com
1	static.cloudflareinsights.com	a2zapk.io
1	www.googletagmanager.com	a2zapk.io
1	a2zapk.com	1 redirects
326	31

This site contains links to these domains. Also see Links.

Domain
unlockapk.com
t.me
plus.google.com
www.youtube.com
telegram.me
www.facebook.com
twitter.com
www.digg.com
www.linkedin.com
reddit.com
www.stumbleupon.com
www.tumblr.com

Subject Issuer	Validity	Valid
a2zapk.io GTS CA 1P5	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.msn.com Microsoft RSA TLS CA 01	`2022-09-08` - `2023-09-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
contentspread.net R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Frame ID: EEDFF3F7321CF15119241FF70DC459A4
Requests: 73 HTTP requests in this frame

Frame: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 5F1ABCCAEA3969DB5894BEE4195A2277
Requests: 2 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C2B6BAE5DC3701485C9240485406054
Requests: 1 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1F42963C9AADE1BEB642921EBBEE1C34
Requests: 3 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7688FFF0832E5B1EBA19DB9791F44BF6
Requests: 15 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44058D8F80426F62BB74BDD9E9CEAA66
Requests: 19 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E8F32979877E3C4C6169E6FCBF8EB7D4
Requests: 19 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5575DAB546E75F939AFEBCF334675D7
Requests: 15 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 62B24B4A77CC2E3E8322A4A2C4201504
Requests: 1 HTTP requests in this frame

Frame: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E7E2B95FB8B0BC8399F05F16BDE49C27
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXhtkBEXHsdzmYWU9c0XiJAwFKpS6qwENMrfzJ_I1Q9vqW1aPF3FaU_hn5JzlVc_IIUffdTMVR2vgpnd3xYMolzpw7mY-xFjErgm-hopV2Jj73L_exgD4dj2YB4zTkI2ucJfJOvHKjJpFmyaQiXm8L2RJ_3agLUgletmqbgN9rosYDIitc
Frame ID: C25A65615C6E634E63E5E2FC1ADFA499
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B7F598046B891212BA978CD1C1A25A6D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNWNqZYIGuTIuegE3uGt3nxedu7uswPO_B-RxR3MeuVs-YY0YVBaSyYLdgY5zyPSMtnNrxSOPGoklJK3QkocnnLBZJwZCWeS9Hy8TGkVYW08qBPHMuI2GdFqC57zSz4LmOQ1oclRV4nfIYOC1zBWGNUK_iAP59yu9OkwCIqlNpCg4NRBdZc
Frame ID: 6EF7BA5D768868BCE8666EA713AB60B5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXtxTo87sWPkT1BDo9WjYmLTL72LHb3SKGZj2l4waZsSc3-S2AlZLhD8XwJGixfDBpCKxBw921-e0W0QOvkLqZXEm4wa1f0nVzj4logbMXBvQ3eyA58KfdvVTgcH29aZ1kbwIu9AlfoDyxDkESmt2xCxEZcpz1cieChRad18fwbmOOVptQ
Frame ID: 931EA4B3529AFBC668FD2418FB798155
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUKEGxq-oJt2hDUjZ6jHBsUgr9NCbSwQ1Qhxd_clScucZP2V8ZWuc6FRfd5bkA5okIKK7Vs9wJwwRIs6V61XvCL07HQAFTrzmVMB1Q6_Y8wsIIx4zoWPEABXUqB7zu8uU6dNmJqEFBQkuq-J2JHVAeH6h7fQ9PTbCFn_HryuQg0hDzKTTw
Frame ID: F516E15C7FA8CD15B81BE62F73EDA651
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWnt2hdu4SK3FsY2ANLj7FagK3J6BDsELOO8K8otyWGGR7rjrGzHbVXgmG85s6lSVGEqpGnf7_CtKuPHgK6uTnxzRzpPcqRuKSbtYA5o9f-dxBry3BPgHkP6E6zIQ4lLJdFzCj9ryetP5Z4PDBYLb7OBoTcB3wnQro3JQgTnFehW4f0NsM
Frame ID: 1F9E6DDFBE11B54E033EB742BF634BD6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWhdgvEdP-KhAhKno-OuJZN4FsiKJMSNEKgkOl5mIr1fEM8OgWipl_Ww60j543OFJk0pJR_kLwQ3EzWNLajfzgL2NTgVUL1_f9OZnLGds63gYLDPqmbmaFiyF0fmCYc3b0H1cnusosa4b5hoigZrvk2URMMI37oXJyAOmznbn3iZIYQ8Lc
Frame ID: E4C6B6855C0BB391273A2ADC246EBFDF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B15FE54C304A086E2395F14BB3C5DE32
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXMwmODqD7coDvtgtfTeWdoopUeSqZ1RFouVX9j6SbmVkt53PbPEa7wiHFAV83NO-Vx8Y-gPx3P3QMwCmdFvJvGtLLIVdsFQv8xFiRKuNGtsr4K89Zv1WFbpYSrv1lEflZo4PVFtkpd0XJxC9RKbKjtCkptZANXwN1raNsBFq378HR5Mt4
Frame ID: 425FEF99D866EB31F1A3ACA16B187FD3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AB5FF50A311C3111A2C7FB56FBE4DA41
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Frame ID: 1B8FC059A0BFF1A043A0FD348CE404FF
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Frame ID: 95711F5F7A69AC04ACE98743DA8BF8CF
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Frame ID: 05EC60B5846C22479D9943454BA05F80
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Frame ID: 56201C920C4956E41170BC9EA4344E8A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 04D12F62BA8C8D5861AEB724EBEA6806
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 67EACFA14448EAEB7621065B75F864DB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4ADA621F4666823FF0609A1D60FED9D0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A3B2A366CF459132E76BD627DF18652D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6938F265D6C004F8FD672D3019E3B2C3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C19C57794439A8A987C8BA134C7AA90A
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637
Frame ID: 7AF08E43407332D50C425B7A6306FA78
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=22987500012292504445008012420028&a=a65ee92a
Frame ID: D7BF21FBDCACB34371BF9EA5AB74485F
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32
Frame ID: 1A653B5084A2C9D09B3BF2BAD7FFB81C
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=28502400009939404444550012420030&a=ee0df00e
Frame ID: 269B9A0CAA44E1F257AE384DE66013DE
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878
Frame ID: C28D7D9466399F55870C24F86C3B0CCF
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=47310700009529404444554012420024&a=81fec6fd
Frame ID: 80EBA80E10A83DC91AB494CEB18B3E3A
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 370B376FB5EC30578EBD8FB4F285BB0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6838E587DE8D872BD03CBEEAFFE0132
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAIXA Tem 1.47.1 APK for Android

Page URL History Show full URLs

https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html HTTP 301
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

326
Requests

90 %
HTTPS

57 %
IPv6

19
Domains

31
Subdomains

30
IPs

3
Countries

3311 kB
Transfer

8018 kB
Size

13
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://unlockapk.com/tool/
Title: AdFree Tool(Remove Ads Online)

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAESkO8aXp9DwuS7O7Q

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/103172325778829268165

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIPgMksz38ODT5OU4a8py_w/

Search URL Search Domain Scan URL

URL: https://telegram.me/a2zapkofficial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.digg.com/submit?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.stumbleupon.com/submit?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html HTTP 301
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

Request Chain 133

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Request Chain 135

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

Request Chain 141

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Request Chain 143

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

Request Chain 145

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Request Chain 147

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

Request Chain 149

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Request Chain 151

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPHtFgQQ6dCLMU_Lh6atSH4&google_cver=1

Request Chain 156

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1

Request Chain 158

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 160

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1

Request Chain 162

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Request Chain 225

https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95a918b35e&subid=&uid=4de14914390e3d84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCy-om_O3eZImdA5SJ1PIPwP6UgAOm5b2gaa2VnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOgBT9C_XoYu7G-bGCbZeuMXgFpiic-KM_8uSigsQ6ehuNM3FlwaRqDcXB762WlyR40SpqVeCkLLII59-KIh87sUrI2orJOrOClbwo11FLh-oBkZwkai50LPzfZ6C5rMBIV59aTkE_4Q1cVGgo3GtBNSxyodV_PH9Glr1tFQL5HJtVMYKB3-km18owC8Fl6Kz_mykt2uhP5eJqfDf56w4m3Y61GwddY2easx8tBmrosXmd1FvD_z39qcGz8y5G3gG-7-r5B_0j23x0PF809JAhsmOVXGKue7LOfwlLhl1weU4MXr2WFA8ypnm8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIiYvtlqrlgAMVlARVCB1APwUwEAEYASAAEgL3q_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_1bmYJCH99QapHqXe6-F-MX-V37Fg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AMx8RdeaYG5Df1jiPguNuq2JWzXZWlv5Fgq-All6tm50T42-CXOO85MBTK95TJGgLhy05KeuPR21DjPO_Rx-O24D5PzJNYaf_H6D4rFFbPBaiKSA9xj1obM5dK_EdgCn9NM5ihQmomMVIn00I1Hw1Mx053C-DIdIaBVzcMF0jovuYpvOs%26cry%3D1%26dbm_d%3DAKAmf-DuE7z12jJIZXqyXqxOoTVCCa0Ihq2aIZG2hKTvVVhk3-LP9MXfvYvWYHthZYBbHEJKg0BpgVlys_c2wFsnDDdP3Rp6XhpBuCRGVjoAQcqwM3U6luhJxd2wrwqIwUkf0lTVJFepN2AqjfMYoOFGinWsCViAtw2KzND6zUYOwoUvFuI4_McJrXgS4LX8zOeHDuZPQxcoA1HH3ClzETd576Y_Gnrb6fMdFN818XQ-2SpDw161JE65kC3l1Mk7uf9O7ZJZjFZ7-bFUkIdYhFqNqmdcNqeFFlDmLzvZhuxMIl6324DwOYX4C66U-0byH_laVaB5gxovvd1aX7pEgkJ4deCw7VNqJ3DU7IM3z8TsG6CyhNUfR8LcEeur0kSdkWwbRXDpkxIV4eX8zTkdGed3SSEkIpdvg996zqrvag8svGH_RRY5BZ__k5SU3-gugkSJygSDq9FSNQIXaq1ZXb4e2Xvh3DjH7iw4Kabi8-5xhfatH-W9g6H7aOjaNOm_K81bPCZQF_Ro0NMHRbEI4j-aJUZtjqEmVy1F7wg0qefcsaq9377sIjFEN0zPR-ZqO2vkTAhx7oJiM5FHF9rOs86plmza7nVxiv2_vEwd_S2x0g7SbO97yJa842DYWZJs9ifladuQO8YM%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1007000029181&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95a918b35e&subid=&uid=4de14914390e3d84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCy-om_O3eZImdA5SJ1PIPwP6UgAOm5b2gaa2VnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOgBT9C_XoYu7G-bGCbZeuMXgFpiic-KM_8uSigsQ6ehuNM3FlwaRqDcXB762WlyR40SpqVeCkLLII59-KIh87sUrI2orJOrOClbwo11FLh-oBkZwkai50LPzfZ6C5rMBIV59aTkE_4Q1cVGgo3GtBNSxyodV_PH9Glr1tFQL5HJtVMYKB3-km18owC8Fl6Kz_mykt2uhP5eJqfDf56w4m3Y61GwddY2easx8tBmrosXmd1FvD_z39qcGz8y5G3gG-7-r5B_0j23x0PF809JAhsmOVXGKue7LOfwlLhl1weU4MXr2WFA8ypnm8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIiYvtlqrlgAMVlARVCB1APwUwEAEYASAAEgL3q_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_1bmYJCH99QapHqXe6-F-MX-V37Fg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AMx8RdeaYG5Df1jiPguNuq2JWzXZWlv5Fgq-All6tm50T42-CXOO85MBTK95TJGgLhy05KeuPR21DjPO_Rx-O24D5PzJNYaf_H6D4rFFbPBaiKSA9xj1obM5dK_EdgCn9NM5ihQmomMVIn00I1Hw1Mx053C-DIdIaBVzcMF0jovuYpvOs%26cry%3D1%26dbm_d%3DAKAmf-DuE7z12jJIZXqyXqxOoTVCCa0Ihq2aIZG2hKTvVVhk3-LP9MXfvYvWYHthZYBbHEJKg0BpgVlys_c2wFsnDDdP3Rp6XhpBuCRGVjoAQcqwM3U6luhJxd2wrwqIwUkf0lTVJFepN2AqjfMYoOFGinWsCViAtw2KzND6zUYOwoUvFuI4_McJrXgS4LX8zOeHDuZPQxcoA1HH3ClzETd576Y_Gnrb6fMdFN818XQ-2SpDw161JE65kC3l1Mk7uf9O7ZJZjFZ7-bFUkIdYhFqNqmdcNqeFFlDmLzvZhuxMIl6324DwOYX4C66U-0byH_laVaB5gxovvd1aX7pEgkJ4deCw7VNqJ3DU7IM3z8TsG6CyhNUfR8LcEeur0kSdkWwbRXDpkxIV4eX8zTkdGed3SSEkIpdvg996zqrvag8svGH_RRY5BZ__k5SU3-gugkSJygSDq9FSNQIXaq1ZXb4e2Xvh3DjH7iw4Kabi8-5xhfatH-W9g6H7aOjaNOm_K81bPCZQF_Ro0NMHRbEI4j-aJUZtjqEmVy1F7wg0qefcsaq9377sIjFEN0zPR-ZqO2vkTAhx7oJiM5FHF9rOs86plmza7nVxiv2_vEwd_S2x0g7SbO97yJa842DYWZJs9ifladuQO8YM%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1007000029181&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 226

https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=b8e883a2b9&subid=&uid=61af113ff704d6a8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYE-E_O3eZIudA5SJ1PIPwP6UgAOm5b2gaYWVnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOQBT9DhEaT1R6FsDXHuQ2KxuQJT5rNm3XGkOekCKzalccv6jOled8rAGHGWv1P3p5thpKe5M2A2Y71sMUmOFttANbR1QYwBKZDPI8aUxHNEB5Eo31Hmph_TwX_ox3AqusWI94varDIeNYhmNYUXrzwX-nJXPW-Ovltj7M9jdlJvtmHWNgDvsYewuOlODWYAJEgOjknnIw5JpJziIcCOn6Dom-jmZTZXkFu9uDBZIvhRQSGhR-A_UrTWip8C60Y3yA0Kdx9D8Wac5sFaOisVr82fz9-CvHLUFaHLHBJ6sExXH-5IsE3SwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIi4vtlqrlgAMVlARVCB1APwUwEAEYASAAEgJnr_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_2a98sG_hTWzjta2FmmKuM1p-3Q6A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AmZnStis0gaHGBwByDciZMPFFZDWO-bTdDSrWSMyNC6hAf21o6VAqKR8tVnlMcQhyGyUMp6NG0ua7mRUyWp085lKM_1vP5kDPQCy76tzC9JhiZLEfGmisQGC-4CMfrGW5Xv-ua-Vhlh3emo0q9tKWYC3xkRHTZF8vjjC-3dvXd74nH7KI%26cry%3D1%26dbm_d%3DAKAmf-COUWCmL0yq-0F85Gq98kYgnHQ4I-mfKxA9FkKwK6JFhkt5IUV54aVrtWrM1DrYAUNLWtBxrEmhp0ToC2YpdHaYBtS6KaR8APpMYgUl1Zou77qxwmrNhI6SNEDYPDJ4uI5q9aj1ce7MaZ2DQc24ObBlyyZ_obowSD5GWI0D5kVSG-EI8NRxGAIu7qx3eAW5plVQC52NCYEMn5PV37T_d96CSWCjz-IB9ZuPivoyGQIeDF0CQBY8WrBk4hYAd8RNVs3xNsHnrMlZjy8cP0nAPTC4OF2ChFuDpRUpzyokVqwvTf72FOPXcin321GIBN88FLv3tOVvm4xPWFhZ74VA7JQUSmKhEvrdUvyfeCQiLukBYXVMUGr0OFb5ozvEZEiY6RNGYbAMtVf4nX7XY4htGzyXf3tTwfG97RWw7ir4X9_w_GZ48Rev_UnUQYWrbehTBJ3wGGav2wfRbcFBaGSWpThvVlzE6SpjaTSDTDy4WOmvKz5lLdN-HJ4TcLC0DbZbwLuNY-KHpk0iTn9I6oaEZixFXSrTxSHzRn7SfXc1OtCpd0zItx253tInHOH-nCpvjN895rFVhT4FPXaX6tO-oZLpDWYcxsVSnSgOpuvMTiLLZIs7KYqNPVc_iM27OCvcMjWYo8Cs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1217226070022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=b8e883a2b9&subid=&uid=61af113ff704d6a8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYE-E_O3eZIudA5SJ1PIPwP6UgAOm5b2gaYWVnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOQBT9DhEaT1R6FsDXHuQ2KxuQJT5rNm3XGkOekCKzalccv6jOled8rAGHGWv1P3p5thpKe5M2A2Y71sMUmOFttANbR1QYwBKZDPI8aUxHNEB5Eo31Hmph_TwX_ox3AqusWI94varDIeNYhmNYUXrzwX-nJXPW-Ovltj7M9jdlJvtmHWNgDvsYewuOlODWYAJEgOjknnIw5JpJziIcCOn6Dom-jmZTZXkFu9uDBZIvhRQSGhR-A_UrTWip8C60Y3yA0Kdx9D8Wac5sFaOisVr82fz9-CvHLUFaHLHBJ6sExXH-5IsE3SwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIi4vtlqrlgAMVlARVCB1APwUwEAEYASAAEgJnr_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_2a98sG_hTWzjta2FmmKuM1p-3Q6A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AmZnStis0gaHGBwByDciZMPFFZDWO-bTdDSrWSMyNC6hAf21o6VAqKR8tVnlMcQhyGyUMp6NG0ua7mRUyWp085lKM_1vP5kDPQCy76tzC9JhiZLEfGmisQGC-4CMfrGW5Xv-ua-Vhlh3emo0q9tKWYC3xkRHTZF8vjjC-3dvXd74nH7KI%26cry%3D1%26dbm_d%3DAKAmf-COUWCmL0yq-0F85Gq98kYgnHQ4I-mfKxA9FkKwK6JFhkt5IUV54aVrtWrM1DrYAUNLWtBxrEmhp0ToC2YpdHaYBtS6KaR8APpMYgUl1Zou77qxwmrNhI6SNEDYPDJ4uI5q9aj1ce7MaZ2DQc24ObBlyyZ_obowSD5GWI0D5kVSG-EI8NRxGAIu7qx3eAW5plVQC52NCYEMn5PV37T_d96CSWCjz-IB9ZuPivoyGQIeDF0CQBY8WrBk4hYAd8RNVs3xNsHnrMlZjy8cP0nAPTC4OF2ChFuDpRUpzyokVqwvTf72FOPXcin321GIBN88FLv3tOVvm4xPWFhZ74VA7JQUSmKhEvrdUvyfeCQiLukBYXVMUGr0OFb5ozvEZEiY6RNGYbAMtVf4nX7XY4htGzyXf3tTwfG97RWw7ir4X9_w_GZ48Rev_UnUQYWrbehTBJ3wGGav2wfRbcFBaGSWpThvVlzE6SpjaTSDTDy4WOmvKz5lLdN-HJ4TcLC0DbZbwLuNY-KHpk0iTn9I6oaEZixFXSrTxSHzRn7SfXc1OtCpd0zItx253tInHOH-nCpvjN895rFVhT4FPXaX6tO-oZLpDWYcxsVSnSgOpuvMTiLLZIs7KYqNPVc_iM27OCvcMjWYo8Cs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1217226070022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 227

https://hal900028.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=29ec4cc88e&subid=&uid=2e2287e913203111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbmdj_O3eZIadA5SJ1PIPwP6UgAOm5b2gaeWYnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOUBT9DnH5nodRcF0KismTZQFOLQDy55t5nk2fgmLT-diqaIGuKw-mTvYLK98iC8ewzQkiiWFzbbyNZx53LFvTRh6ORqW35wc1RIpMC9gOaqZKKw4zy6jQ2lTZ_1JlMh0vGXWdtN-TLtBASqDRyiWSsH2NlcQwPlXW2rngOZJ1DhEXXN2E2TCVE8hJFfLEZ24ozA-SOIvmSk7roDr75iDKAwGJvL9PCciLZps1CuPcOJtQbcwnpj6gJknSp7ODQWLafcI80dxkw_qyM5hyrILxf8gfJBNahk86WwdiVktSAztVHxdO_Js8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhovtlqrlgAMVlARVCB1APwUwEAEYASAAEgLjufD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_17qbb8uRqX7DIe7lS5g_xlTdkZpg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Aq7pu4YxTjOvQLb8OIB7SRcVUNgKJSdctZY3Yyb6oDBULLAJYqwdP9jBtPfZUWv11fUAJ7sVtO3VES2K5y2xIjVe-VwTqkYQRuiOAZL75rM0TnWeCw6wIIqWAXflCKse-vxdK6f3LAUMr7sINCX8Ksk1Jd8UpssX4xTXY66vk1pdJGUrA%26cry%3D1%26dbm_d%3DAKAmf-BbXNbLureQoYXcho0a5ZvRBzIzerjuS7HLNGStOKmahBcT1OEmP1JObFErH1jymH2i_PdyLiQ8CKNuFuWxeEdfNVx-h8CtBo1AjyavAkJlTO38FqXd71Rwdob7kX8tdmQVFM8FaqdX5Je0w14wYYPchm-Qvx5RfR8Gf7BLKS61XMfIx-6oJHZmxMhuXgFEkKYIerAUTU3aZHA0_TXcE6zm1gFQdsHOiR7D9aAxuP5DyOxqn95q-Dr7cGK_u_e25VWrXE1yurQqqF3gPyWNCUIKw6cXXQe6qwISecyDL_ffKLurHO0N-oVaPDmD9EejSkCknEhmYLKVB_y8O_0KvSXoxJSqxA4B1STJieRsQx4FeVNxo8-phzL7I9VvEQVzhh3Ix2pURNCaA8pnKrFQDOh046KRSPwC9d_j7kjZqb4RYUQ2kJpcIKoh9v3CJlv7g40a5ot_56RCPYfEKTvnQ1MChxcIdys1rpFm2BuhHPzzTakdgHzQ2eRWPl5O7axq82GfD1FleinvEjZQ2HBX9KHjiEx6Llb2wdHP5e4Lmh3nDdN-kNLlZ7WmK9uOdIyL5pD0DbcXzQt7UqM450YfBLbvLHMlmwZeRBA8VAh7eWzJFeBWvWxqWhTpvzKARO7UpKuaJ_Vj%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8376611265757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=29ec4cc88e&subid=&uid=2e2287e913203111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbmdj_O3eZIadA5SJ1PIPwP6UgAOm5b2gaeWYnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOUBT9DnH5nodRcF0KismTZQFOLQDy55t5nk2fgmLT-diqaIGuKw-mTvYLK98iC8ewzQkiiWFzbbyNZx53LFvTRh6ORqW35wc1RIpMC9gOaqZKKw4zy6jQ2lTZ_1JlMh0vGXWdtN-TLtBASqDRyiWSsH2NlcQwPlXW2rngOZJ1DhEXXN2E2TCVE8hJFfLEZ24ozA-SOIvmSk7roDr75iDKAwGJvL9PCciLZps1CuPcOJtQbcwnpj6gJknSp7ODQWLafcI80dxkw_qyM5hyrILxf8gfJBNahk86WwdiVktSAztVHxdO_Js8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhovtlqrlgAMVlARVCB1APwUwEAEYASAAEgLjufD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_17qbb8uRqX7DIe7lS5g_xlTdkZpg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Aq7pu4YxTjOvQLb8OIB7SRcVUNgKJSdctZY3Yyb6oDBULLAJYqwdP9jBtPfZUWv11fUAJ7sVtO3VES2K5y2xIjVe-VwTqkYQRuiOAZL75rM0TnWeCw6wIIqWAXflCKse-vxdK6f3LAUMr7sINCX8Ksk1Jd8UpssX4xTXY66vk1pdJGUrA%26cry%3D1%26dbm_d%3DAKAmf-BbXNbLureQoYXcho0a5ZvRBzIzerjuS7HLNGStOKmahBcT1OEmP1JObFErH1jymH2i_PdyLiQ8CKNuFuWxeEdfNVx-h8CtBo1AjyavAkJlTO38FqXd71Rwdob7kX8tdmQVFM8FaqdX5Je0w14wYYPchm-Qvx5RfR8Gf7BLKS61XMfIx-6oJHZmxMhuXgFEkKYIerAUTU3aZHA0_TXcE6zm1gFQdsHOiR7D9aAxuP5DyOxqn95q-Dr7cGK_u_e25VWrXE1yurQqqF3gPyWNCUIKw6cXXQe6qwISecyDL_ffKLurHO0N-oVaPDmD9EejSkCknEhmYLKVB_y8O_0KvSXoxJSqxA4B1STJieRsQx4FeVNxo8-phzL7I9VvEQVzhh3Ix2pURNCaA8pnKrFQDOh046KRSPwC9d_j7kjZqb4RYUQ2kJpcIKoh9v3CJlv7g40a5ot_56RCPYfEKTvnQ1MChxcIdys1rpFm2BuhHPzzTakdgHzQ2eRWPl5O7axq82GfD1FleinvEjZQ2HBX9KHjiEx6Llb2wdHP5e4Lmh3nDdN-kNLlZ7WmK9uOdIyL5pD0DbcXzQt7UqM450YfBLbvLHMlmwZeRBA8VAh7eWzJFeBWvWxqWhTpvzKARO7UpKuaJ_Vj%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8376611265757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 275

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637

Request Chain 277

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32

Request Chain 280

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878

326 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Show response
a2zapk.io/
Redirect Chain

https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

70 KB
18 KB

225ms
188ms

Document
text/html

2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f560d70a83b256d7af9d99049284d7a1c1bbe06af13eb0a9cac5b86580a4645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=16070400, must-revalidate
cf-cache-status: EXPIRED
cf-ray: 7f874701cfc53688-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 18 Aug 2023 04:05:15 GMT
expires: Fri, 18 Aug 2023 08:05:15 GMT
last-modified: Thu, 17 Aug 2023 00:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZzbcqGxcGSEGB43eygn06dkm3J8IDjguVMpp%2Fiy9tko6oaMEtpRtbFCSsN%2Bl%2FrWZ%2BO6eUBfUo%2Fpm9PAlONmCNO%2Fg7sYZF2MRD5spCo%2Fcy9E6RmB4N4LpfqmpM5IEAqdbe%2BA3DWOCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7f8747017b1639be-FRA
date: Fri, 18 Aug 2023 04:05:15 GMT
expires: Fri, 18 Aug 2023 05:05:15 GMT
location: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSSTrxp0eD%2FAbxgy4%2BTaro9Ytv8mHft37nnuA9FTEbKplAEFjvyc2AeRTxKuc2plF0XTzopFKrh5%2B7OoBQ6DLFL80DKeLKIImJOJoBRduJK6UkUYhP7PrKg8jmhM5m7ZvSu80TCjSkKh"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 mainstyle15.css
a2zapk.io/css/ 35 KB
7 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/mainstyle15.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54357
cf-polished: origSize=36363
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 15 Apr 2020 09:10:20 GMT
server: cloudflare
etag: W/"8e0b-5a350af75d700"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNMUvnuWS8vDJYpX0Q61MDN6sS8Q71g3Y%2B8vvYz8%2BEGvur1ffAwOjjBa9g8Cgy9r%2Fyd1%2FW%2Fm8kMzy5RcCsY9f2bCH1rzLPcFKeEdUbUOUOrN4FC83TJh9ZnHpFfeKoYWt7qezyCJbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7f87470308953688-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H2 200 styleMenuIcon2020.css
a2zapk.io/css/StyleMenuIcon/ 2 KB
950 B 19ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54357
cf-polished: origSize=1712
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 21 Jan 2020 01:25:14 GMT
server: cloudflare
etag: W/"6b0-59c9c479f3280"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xi%2FnpmDMBaDd0gRYqOeGTz6mfXWvtAXn2rvMZYkaYOsM59cZxobuv65m8Uym%2FehTVqWPlVq75w4Mb5Yd65irtSBx47RPI7H20diYEAFqaQe2miQX6tNQQiIvX7kP6WKqJag%2BCYj5%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7f87470308963688-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 63ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10c7d137c8d802161e880da81e30b751f9e338e9d4fb8bbd24419ddf1f656fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 18 Aug 2023 04:05:15 GMT

GET
H2 200 fb.png
a2zapk.io/images/SocialIcon/ 436 B
858 B 25ms
20ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/fb.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54356
cf-polished: origFmt=png, origSize=906
content-disposition: inline; filename="fb.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"38a-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AJKOVYmfmHHS4Lw0OL3uCq3kVyl5LG279MTRWOCqeUdMRu4PckVm4mrp6%2BO%2B8DfNtwkXs9LyCUWsw%2B28Iu1DVQNF4BV5Rn9T2sw0t3EPhnF2wJITsnloPp%2FeUzDDcAKRYwbIzWkAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358ce3688-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 telegram.jpg
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 29ms
24ms Image
image/jpeg 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/telegram.jpg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54356
cf-polished: origSize=1875
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 06 Sep 2019 14:17:12 GMT
server: cloudflare
etag: W/"753-591e318216a00"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tU%2FQeGidbypSBp%2F%2BOB1z1I71eWJGXoY7ooUOBUlyIOsfeqUaE9x0fQgL0J6GYTlZ6bLis2EKgn4AjjdoGxxajRxYHFDY5s1NuraYEA1wmlF%2FwaAK%2BB6klUX2QS2qhmDOLKfhRZIEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358d03688-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 goog.png
a2zapk.io/images/SocialIcon/ 986 B
1 KB 27ms
22ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/goog.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54356
cf-polished: origFmt=png, origSize=2328
content-disposition: inline; filename="goog.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"918-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p73h5LaWXb3lPqOT2Px0XWXwuqluxzwmNfs7NyudeH4xB7oQiI53O2hSpa9utYZguiKtfbprIid9LUDMpeVIjoF6ZH0haJ2LtvnEBA81j%2Bxa64rqBOAeH9irInqx8mVbrmQHzeeEYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358d13688-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 yout.png
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 28ms
24ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/yout.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54356
cf-polished: origFmt=png, origSize=2692
content-disposition: inline; filename="yout.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"a84-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaF615fVCwd%2FytGZtFisF3azoWZysEWqtmDZxwjFNOo4w80FA4%2FeXDX9rZ3%2FUW5oQas3YnhYCJ4Vd5SiJpwK8qh0iKRbgmZWbAPhjKt5Czd%2FVPp%2BgXFkmHAUgcI%2FqESzhxx%2FDeJgEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358d23688-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 empty.png
a2zapk.io/images/ 68 B
570 B 25ms
20ms Image
image/png 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/empty.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54356
cf-polished: origSize=70, status=webp_bigger
content-length: 68
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Mar 2020 03:51:06 GMT
server: cloudflare
etag: "46-5a0f0ba8dbe80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v6tiP3vvwGFRxtxUe02AojiXSSFVxxQfAiEarSA21egztwGynI8BuSE0Q7ZczaCdyBV%2Fvi%2F%2BLF2RZ2TIfAxue8222SnmRrnN8%2F6bv%2F1CfYFnr%2BgupgOTyPVPjrq1Czqcp6%2FLMKKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7f87470358d33688-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 Loading.gif
a2zapk.io/images/ 13 KB
13 KB 28ms
23ms Image
image/gif 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/Loading.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origSize=13999, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"36af-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOlrE%2B4PsM20RXg267uJNvtDUjTw6kc3oZpMY%2FVWaz7vkUhMPko8%2F1q2UzFGghbcS5rzEnl2i%2BVjcpQM%2BLF2onVyq3O1jA2n1XSS%2FPLg%2F%2FoWK7K08rTJ6Hm1n4A6gsJAEYRW39WUPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358d43688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70
play-lh.googleusercontent.com/ 7 KB
7 KB 201ms
164ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6673
x-xss-protection: 0
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 ajax-loader.gif
a2zapk.io/images/ 634 B
997 B 27ms
22ms Image
image/gif 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/ajax-loader.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origSize=673, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a1-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAWZCE7Q2vNUknlR8QDqUX%2Ffd8eOmoAoUejy%2FRfBDlFXggIN%2BwJJ9ZSBsglKe8u9VP1FPIZrsxPxkzFf5VV0pU98c8VQnpR78h3hZqMuo0dC%2F5ayIDbEBfU5XVX9r05An5lTr6iaWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358d53688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 off.png
a2zapk.io/images/ 2 KB
2 KB 31ms
27ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/off.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54356
cf-polished: origFmt=png, origSize=2671
content-disposition: inline; filename="off.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 21 Nov 2018 11:23:42 GMT
server: cloudflare
etag: W/"a6f-57b2afb820b80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sj9fO1ntPdFZm1JiPGA%2F3K3Rwjl6SDeCtkb4O7WEW2cmK%2BJTpb14lVLtPwMYP0YrJp3pkLFCRxQkb9XrkszakUbcjcieyo7qg9knW6Ay0oW9WU04W0jk6ZCqaOD2JuJTNeA5%2BqBj%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358d93688-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 fd3cf7dfeb25dbee1baa6483c36bf27f.png
a2zapk.io/images/ 6 KB
6 KB 34ms
30ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/fd3cf7dfeb25dbee1baa6483c36bf27f.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

061dd6591dde25591931dc9470fd0bc3b63f4bf0ed8696af047f5a020c50c542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54356
cf-polished: origFmt=png, origSize=9359
content-disposition: inline; filename="fd3cf7dfeb25dbee1baa6483c36bf27f.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 May 2021 08:36:00 GMT
server: cloudflare
etag: W/"248f-5c1b95142dc00"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYbrRtKA1xM9hk7iCLIn7Rdz2iP7OUSFw%2BAZwu2xY%2Bd6ZPjSnHCqxVrpI7WwBDzFU9%2BpVYr20YFJVigdbz5jGW%2FI4%2FfNH%2FJC7GaJbeBQmFCwAheLbHjMElkeDamzIY4UOHWOqH6D5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358da3688-FRA
expires: Sat, 16 Sep 2023 12:59:19 GMT

GET
H2 200 facebook.png
a2zapk.io/images/SocialIcon/ 514 B
903 B 32ms
29ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/facebook.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=603
content-disposition: inline; filename="facebook.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"25b-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u10Ah5e1jX2atFk0WuS04jjJone5zHz88RM7i%2BXRjDYel%2FoP%2FWQVERMyC%2BHMGGQqIfr3JYGqeSBFtjf%2BXI65boJy4s4wtz8tjy9zrrOJKWjrY5N69N6N1Z%2BWGDPPcJK%2BVDfiDOmwiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358db3688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 twitter.png
a2zapk.io/images/SocialIcon/ 654 B
1 KB 30ms
26ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/twitter.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=710
content-disposition: inline; filename="twitter.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2c6-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8O%2BR8oiuucpsB%2BIFdpARnZ8wyKJ1OzXKl0bgb8Lo%2FBtJPuINUrBm06AUJVIXvxNz2irjOFzIkTOGqVoWFy7rTNE4JeCN5CvKkhXWPkxTw4lHZQlCwqrZHmnxqPy3LFStOpgxvUCJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358dc3688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 google.png
a2zapk.io/images/SocialIcon/ 856 B
1 KB 31ms
28ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/google.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=929
content-disposition: inline; filename="google.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"3a1-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YU1Ksoh7kxUnoLe2%2FdZkSnxFZGNHezTyKU3sCrH9QFFMMFryVS8MT%2FVCw8WYY4q4WDP2Pq9%2BvVyYF68r8LvxBvApBKC9h1%2Bet7gXfuGHMeLKSzraMAsrXk1qs2wARqI7O%2BkEb6GSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358dd3688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 diggit.png
a2zapk.io/images/SocialIcon/ 664 B
1 KB 33ms
29ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/diggit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=743
content-disposition: inline; filename="diggit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2e7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7jskF0xG43DjBLsjHsGEU5URy%2F%2BacRRlA30kV8Fdzjf60m8FtSVpHYvzmU8Yzc65LdiAoSU6Bn%2B1o6ZoiWHuvtqKIWbwXHUMYOb8ABz1o0rDmk%2F6Z9RKMiH6fatE75EVSzAbnKJHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358de3688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 linkedin.png
a2zapk.io/images/SocialIcon/ 600 B
960 B 31ms
28ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/linkedin.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=676
content-disposition: inline; filename="linkedin.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a4-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybGgKxdueQDnWufahuPsDVmByp1%2BpWNusia3Eqav3TtlAO2Ekg8h0KNWkDfAKgLSSFA2AQt8CQddoRSdNqksuh1DcjUUr0VA9L19JKmf3RPIUnJg6I%2FOlZNCQXqH2Az5ZXGNM8OUgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358e03688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 reddit.png
a2zapk.io/images/SocialIcon/ 1 KB
1 KB 29ms
26ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/reddit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=1109
content-disposition: inline; filename="reddit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"455-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8jRzB%2BJN1P5sthblHtLya2T1EIPiz%2BddGeJPeGbVPwnM4wjTdWUhfHyrFJDJBYNFqcQYGbsRWjfPLP6JEpseOaEo97lmgyEIlu8le%2BWponwv%2Fa88GpCpuYb6ezgIM3aAToKgtbsTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358e13688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 stumbleupon.png
a2zapk.io/images/SocialIcon/ 670 B
1 KB 37ms
34ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/stumbleupon.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=759
content-disposition: inline; filename="stumbleupon.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2f7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jskpiPlMb0vmtwFDewqqqDcXM%2BNpcFXSkI%2FqzuZT%2ByR1cjrRRf%2FWtoFwhWOxLKk9r5Cn%2F2QUoJ0W%2BqwhEm0tp8kKYRCq%2FBQdj3TwoGIcd1QCkr7F2uLhH%2FV9tlQjJ5A4A8n0UgbIWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358e23688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 tumblr.png
a2zapk.io/images/SocialIcon/ 568 B
941 B 30ms
27ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/tumblr.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=641
content-disposition: inline; filename="tumblr.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"281-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNXRAXe8OmUrunpGuGi2bZCS7RWjib5ala5NtTSC7%2F6db%2FuMSH8%2F%2BHZJR7zdal%2BGKYHxFvk%2FNNQkSw%2F4Fo%2BVIke2N7T0tum2mxs%2BkWcMbsRIHCE1059VYdDGgOJqTnU3aGuV1A%2FOCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358e43688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 41ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3276705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B%2BMc%2BAVaem7ECLX4nRV2reFh7FhUcjIU%2Fv7xw5mQRS9Vix2g8NAUSfzlKGQ0qgNastBXZ2venLSky%2Biw6lPkfWLMalXlNJctU7%2FmgvyJomFvTDEekUMyO7Y8itQrePLiqF8j37LpAanJsW2P7FkafA7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f87470348239962-FRA
expires: Wed, 07 Aug 2024 04:05:15 GMT

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/ 3 KB
1 KB 42ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3590518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b5oeaDXIhw9mfs783zTjGPwsmyc78c7u82VCVZWVZDZU8%2BLaDPpXDtvBwoU588Ml%2BNJdEDESR3lBaluqR8jdfEgxvZn%2BQP066QamRp%2BSKn4TwXLvpYWlyoZel3aqZ%2BdMYDmfFwt%2BcEqMosWzwEnnh1D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f87470348249962-FRA
expires: Wed, 07 Aug 2024 04:05:15 GMT

GET
H2 200 main2019.js Show response
a2zapk.io/js/ 7 KB
2 KB 24ms
19ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/main2019.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54357
cf-polished: origSize=7007
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 09 May 2019 10:35:22 GMT
server: cloudflare
etag: W/"1b5f-5887201d5ee80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FBbB09vh%2FqbRNIHtltAjahGFTnJ1meG89McCgFSE5S%2Bfau31QVBc1kBCGWnPJksjScNh8Nwf5GRJ096MMdfUV16D%2BvVG%2Bbj%2B00bT0lvKe4s%2BdCp6cfrHUioEEAoZjpWq3AxQTrxOg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470348be3688-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H2 200 apk2019.js Show response
a2zapk.io/js/ 4 KB
2 KB 24ms
19ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/apk2019.js?v=07-26-2023

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54350
cf-polished: origSize=4702
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 15:14:26 GMT
server: cloudflare
etag: W/"125e-5ffaabd256f06"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuZjO5njZWDxKWupF3Q9vad0Kay35OegLJsG8Fj5McsLMECklwhGQSlmp5O8ZnWTUDwGfGZ8OPaGDpwt6Lrfw9SH0DQZS8PzpmgLwGrF20i3iu%2FhNb%2B6G1GWzGXhIowWAC4P4jKVZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7f87470358cc3688-FRA
expires: Fri, 16 Aug 2024 12:59:25 GMT

GET
H2 200 notification.js Show response
a2zapk.io/js/ 9 KB
2 KB 26ms
21ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/notification.js?v=06012019

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54357
cf-polished: origSize=13287
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 04 Jul 2019 01:48:42 GMT
server: cloudflare
etag: W/"33e7-58cd12d713280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROqGsD03NXXFwZ%2Fg7IOx%2FUjFXXcQmbbXUny68dmYmb%2BKYLd9K8MYe0OeJ9Xhdp9qY1S2Eo2Wv1vaGRqHr%2Fjjrhx2OUKo0N5qoSvfCHmHwroBRmaBVh2xsBXOGSuYOyOoGDPYiall3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: public, max-age=16070400
cf-ray: 7f87470358cd3688-FRA
expires: Fri, 16 Aug 2024 12:59:18 GMT

GET
H/1.1 200
OK count.js Show response
a2zapk.disqus.com/ 1 KB
2 KB 67ms
15ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 23
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Aug 2023 22:01:45 GMT
Server: nginx
ETag: "64d55e49-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: lo1zQ0yv0kVmEEzodnsIyJC18mrvrVKjaF5jQUwlniiov7LYj18kBA==

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 76ms
41ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://a2zapk.io/
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f874703894130c3-FRA

GET
H2 200 adgpt.js Show response
a2zapk.io/ 21 KB
5 KB 187ms
185ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/adgpt.js?v=1.40.5522753354233487

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bf9cd1267e65f4b946d11e5147ea5322fa5a1f99581f64a5d57b52e551073dd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNFYA7SKjKOwKLGCL9A9wm3DZ%2FMfmcvwb%2BrZniJBiJ9NnLcd9E%2FOe3jjbnqi2N0u7FpGOUIbg9FCznlX%2BprbZUluhlZvp7VEvu7XwJ%2Fra9Ejh9zYRUbz8b5HCjJfqbWxR63V98kJaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, public
cf-ray: 7f87470358e53688-FRA
expires: 0

GET
H2 200 star.svg
a2zapk.io/images/ 762 B
921 B 29ms
28ms Image
image/svg+xml 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/star.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54350
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"2fa-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uddP3OWNQPpZEjLKA00VobJC%2Fi7a36fko8hXvp3ZHYWzvG2iTU4Y%2BzxDi8%2B8AC4jreTVJJpe7AFkBDImvm%2BPN2yPRAAR7%2FinbWX0JI1UNc6XVHpjt3h9H8ulTrvYzWHsbFxt4DLpKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7f87470358e63688-FRA
expires: Fri, 16 Aug 2024 12:59:25 GMT

GET
H2 200 stars.svg
a2zapk.io/images/ 901 B
914 B 23ms
22ms Image
image/svg+xml 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/stars.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54350
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"385-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fboy1sjmEqJXwiOpCgX%2BQ3nExnsXNG46AdBmzGSzdO4CXE5MDKC2RBBpP%2BIh%2FI1VK7127U5iEEPErX%2Bi969J6L%2FUOzSyypFr9yPQVxOG4wOi7ISXZfmaiT3u1F5CTOTghkdkr1TsMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7f87470358e73688-FRA
expires: Fri, 16 Aug 2024 12:59:25 GMT

GET
H2 200 icomoon.woff
a2zapk.io/css/StyleMenuIcon/ 6 KB
4 KB 26ms
25ms Font
application/font-woff 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/icomoon.woff

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54357
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"19bc-571c5d524ad80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwIUMLJ%2B4z52S6AI1hCrVXPmU35AsnN5tEx1WbgYbkHAFs8leGkzsrMfoamE2XV5qf3K5QUEuRo58Iqp1A5ITCRZL0eDCHzR5IoBbX%2Bcrt11htvADZVvXc8Wefbdg4UxTyds%2FXN9Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2678400
vary: Accept-Encoding
cf-ray: 7f87470358e83688-FRA

GET
H2 200 br.gov.caixa.tem.html Show response
a2zapk.io/reviews/ 29 KB
8 KB 393ms
392ms XHR
text/html 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/reviews/br.gov.caixa.tem.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e084babd4353d34bffd625f8d3940438615ae5cb342b908f3717ca2e23e3d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 18 Aug 2023 04:05:15 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofNKfh4SatiWVS%2B4JDeeRE9brZf1Omn1MUWatt%2B0r9RxY8L5cxy%2BDqn%2F9vriVsqIiW7Sf2LWI%2BXjeIb5kEjKY30dSPeVYsjoNRTdZ4e1RQpTDWyc4tNKpc0zaOZFmXaDax220JNw4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400, must-revalidate
cf-ray: 7f874703b9163688-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK count-data.js Show response
a2zapk.disqus.com/ 326 B
908 B 95ms
95ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count-data.js?2=https%3A%2F%2Fa2zapk.io%2F1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Requested by

Host: a2zapk.disqus.com
URL: https://a2zapk.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

78ee5a5b37a1565a279ca4eb5fca67b8433c71d2977e5f0588dc6f8778629092

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:15 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 30
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 326
X-XSS-Protection: 1; mode=block

GET
H2 200 count.php Show response
a2zapk.io/dl/ 2 B
384 B 197ms
197ms XHR
text/html 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/count.php?id=1130001

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfKkKHgQ%2FBKhLWz7o4r3EurH8h7lIN9uwwTUQImTJEh3If6AIpXn0dhfkG61jXx0O4kBX1OnlOooC1bxd61CX4deWKZ8d6LJEqMRttalHFfrGUvc6A8V9BA7VsrGq9VWRi7tcbqvkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7f874703d92c3688-FRA
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 suPN3WmysI0orlAjuwsVS_SfJ636vnUAj4n1iVwXMyIzUo6IMKzI57Yj6UyImQVtnlHP=w70
play-lh.googleusercontent.com/ 7 KB
8 KB 9ms
6ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/suPN3WmysI0orlAjuwsVS_SfJ636vnUAj4n1iVwXMyIzUo6IMKzI57Yj6UyImQVtnlHP=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

121d26ded0e138ec0552d7298fb338c40b0b467a50448b2bcbb9121cc1cdb0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:18 GMT
x-content-type-options: nosniff
age: 7797
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7435
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:18 GMT

GET
H2 200 3S8J6nN1A9IwOhOwRRf3lgbOtP-PvQN0lat21-S27jFKj7f4zSUfutotH5pgdq5dP_EO=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 34ms
31ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/3S8J6nN1A9IwOhOwRRf3lgbOtP-PvQN0lat21-S27jFKj7f4zSUfutotH5pgdq5dP_EO=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ed4919d8289e7eef10aa9eac027a166480a0dec03cadd53a9500ddb4d1df101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11553
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 EJDtYUFdaIuZiONXKeInnNAbzQfa0D6BIHrc-HRG5ZuvJcQmZY2aK7bG8zx5GeQHA2Hn=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 23ms
19ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/EJDtYUFdaIuZiONXKeInnNAbzQfa0D6BIHrc-HRG5ZuvJcQmZY2aK7bG8zx5GeQHA2Hn=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e37817763c084e0af5a14e4a4025b49862effe93608b0fd1644103beb518f68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:18 GMT
x-content-type-options: nosniff
age: 7797
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1035
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:18 GMT

GET
H2 200 -jHaiys9Ir97ti43X2FMC94jFm8vzNlFoxbKmIyLPzYshadUytRweGRXVXjZZVYVJoDr=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 33ms
30ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/-jHaiys9Ir97ti43X2FMC94jFm8vzNlFoxbKmIyLPzYshadUytRweGRXVXjZZVYVJoDr=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fb6826010e7c2cd49aaa4d145b99763f6c5aca921a7ebbcd45b350f6ea0fa10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1079
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 f29Zpv7VvNQznC1zPD-_KI6_E4cwkiXDtB7UYbfFmTp3W0QBuLARucu6prh_9ZURwWI=w70
play-lh.googleusercontent.com/ 4 KB
4 KB 22ms
19ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/f29Zpv7VvNQznC1zPD-_KI6_E4cwkiXDtB7UYbfFmTp3W0QBuLARucu6prh_9ZURwWI=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eaaf7638b59a07a0404e97b077b179525fc9b4a0f2d5c9f397b6727bb6244c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:18 GMT
x-content-type-options: nosniff
age: 7797
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3947
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:18 GMT

GET
H2 200 I2S025jaYCRIfRLhtXGXK9yTB2pMwhT0sqpjcXfueVWMFsAf0F--c7xEg8u2A8fvBw=w70
play-lh.googleusercontent.com/ 2 KB
3 KB 33ms
30ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/I2S025jaYCRIfRLhtXGXK9yTB2pMwhT0sqpjcXfueVWMFsAf0F--c7xEg8u2A8fvBw=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd6d8c66459f7e8833acec381118440961ddd6c8f1aa8ca79a39aab3408bd3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2526
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 iYf9v6TDHmklK-AUu9PV8Li9ZUGoybW91J-eYUOVaMhXQO3w1Qh_TD3noFmPOH9185c=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 32ms
29ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/iYf9v6TDHmklK-AUu9PV8Li9ZUGoybW91J-eYUOVaMhXQO3w1Qh_TD3noFmPOH9185c=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fc95001c73188c9ebec45e6a66bc369f6b78cf75d3234641a7222b4b2066f0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2591
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 kH7QddrML_niRm4ziPZPtkA9tRi4S4U93P0CZVaZ6D_4nvGLFaQWqDW4u23d2fLokSQ=w70
play-lh.googleusercontent.com/ 10 KB
10 KB 35ms
32ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/kH7QddrML_niRm4ziPZPtkA9tRi4S4U93P0CZVaZ6D_4nvGLFaQWqDW4u23d2fLokSQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25a09c44ecdf00f1c9e110084125735ce49e1e3ee9e631a9af960756d8a85a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10156
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 ODHtYi8Lc8sVle-Fxc1PBt5oDGoElyHOhOHIEhw2hd7ekZdw0dcF2x_-K8B_dzD6zO3e=w70
play-lh.googleusercontent.com/ 12 KB
12 KB 23ms
20ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/ODHtYi8Lc8sVle-Fxc1PBt5oDGoElyHOhOHIEhw2hd7ekZdw0dcF2x_-K8B_dzD6zO3e=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8f065413821906c08494a9ee618b18645e3a596b3c4b4c88f9589b94ee76b4a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:18 GMT
x-content-type-options: nosniff
age: 7797
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12624
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:18 GMT

GET
H2 200 5pmkyAaxElx4XJfzyodK5UtPtqpklG29FrcbEugoblR8k3AfNWHN2fPgzUTfzLDmxGg=w70
play-lh.googleusercontent.com/ 10 KB
11 KB 22ms
20ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/5pmkyAaxElx4XJfzyodK5UtPtqpklG29FrcbEugoblR8k3AfNWHN2fPgzUTfzLDmxGg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d06c9325c6d891f705aa524747c63186f34930d0b89738cebfa18aaa32b413b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:18 GMT
x-content-type-options: nosniff
age: 7797
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10717
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:18 GMT

GET
H2 200 Ktx1BuBLSE8pkp2oCvsV9jdolOBTHI2Ze45RcThVCJhQyOX-jrv9EujMY2uGZMxdbQ=w70
play-lh.googleusercontent.com/ 10 KB
10 KB 24ms
22ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Ktx1BuBLSE8pkp2oCvsV9jdolOBTHI2Ze45RcThVCJhQyOX-jrv9EujMY2uGZMxdbQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43c25479fb19fcee766eb4b4324ae44f24ce530b983299e51bfa40acc68ae5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:18 GMT
x-content-type-options: nosniff
age: 7797
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10489
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:18 GMT

GET
H2 200 kpAFQtFhVHFZ7edyoSQzQ6DntD7WSNUdqCGNaYWG_GArx7TVSZzK6-tHfvsWtduUWg=w70
play-lh.googleusercontent.com/ 12 KB
12 KB 30ms
27ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/kpAFQtFhVHFZ7edyoSQzQ6DntD7WSNUdqCGNaYWG_GArx7TVSZzK6-tHfvsWtduUWg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

064c351cf64ddd4ac7120ad7398a6d53d5d6d28b8ab57e3926459f2fad3f9da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:18 GMT
x-content-type-options: nosniff
age: 7797
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11868
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:18 GMT

GET
H2 200 85ju8fkbd0ozWCp4Lg06rqROKDvU9qTiaamzEALjcWEDearxCs-JTfB3SRduYu8IqvFf=w70
play-lh.googleusercontent.com/ 6 KB
6 KB 38ms
35ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/85ju8fkbd0ozWCp4Lg06rqROKDvU9qTiaamzEALjcWEDearxCs-JTfB3SRduYu8IqvFf=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

336451140780463825a9afcfefdc4e6e29278c430adf290c991a93b7f40bd48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6511
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 42ms
40ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10897
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 OU2hCZUnoTuzXECIsyEncU0eiW8E0_6QDQxggppwp5iRxOZs_T2jyricqLanGIgaqt0=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 35ms
32ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/OU2hCZUnoTuzXECIsyEncU0eiW8E0_6QDQxggppwp5iRxOZs_T2jyricqLanGIgaqt0=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

34b6fe92215687cbed1be732be428ee1b0e4b4a6af5ddb106b8857aadf6bbbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3350
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 h8QC5CiVMlvAspVufbsFK-qCsW6WCmk13oPMlRGpagJAVR3gdukBAgk6hIKmh_DT_4xM=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 41ms
39ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/h8QC5CiVMlvAspVufbsFK-qCsW6WCmk13oPMlRGpagJAVR3gdukBAgk6hIKmh_DT_4xM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f23d7f84662c43e898bfbed6b3e6f633250b48e83ed7ebb1e88c8416f53d63c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10853
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 oWttohYyh3AtI6jYeQNQReUzhz-babbXTHf9DDosjH-BnUC1eGgh16yxJoDrJm9xxr49=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 31ms
29ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/oWttohYyh3AtI6jYeQNQReUzhz-babbXTHf9DDosjH-BnUC1eGgh16yxJoDrJm9xxr49=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d14655909420f9ebf6ead0163a23930907885e2d7392b00d5897a7b85799c89a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:47:23 GMT
x-content-type-options: nosniff
age: 1072
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3300
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 03:47:23 GMT

GET
H2 200 Wb85lujqAwU6wKQcyAdFU6r4o9m1ag4ZDYfa-3CLg5hTql4S05sHbdHYjtRzqJk9jng=w70
play-lh.googleusercontent.com/ 2 KB
3 KB 30ms
28ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Wb85lujqAwU6wKQcyAdFU6r4o9m1ag4ZDYfa-3CLg5hTql4S05sHbdHYjtRzqJk9jng=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e82be3fc67946ffb05d1254d420a2b4233822b0f773409264c74bdbb1289ea4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 01:55:19 GMT
x-content-type-options: nosniff
age: 7796
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 01:55:19 GMT

GET
H2 200 gSjFqN95LD5aX2zksiuZda21c-HKJpePUTp54C3_niK8mx1jEzpgut4u72d_P94YTRo=w70
play-lh.googleusercontent.com/ 10 KB
10 KB 37ms
35ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/gSjFqN95LD5aX2zksiuZda21c-HKJpePUTp54C3_niK8mx1jEzpgut4u72d_P94YTRo=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b937f009c5bc3f1066b51b73189ed939a054f883211fab460008ac8080d5aa17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9980
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 VsJBTv7Ta15_SDZbxM0C-GGHhYYx2e1brTFYUx8vDafNCzJrv3mRK2iX2oX8mxb3hgU=w70
play-lh.googleusercontent.com/ 14 KB
14 KB 42ms
40ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/VsJBTv7Ta15_SDZbxM0C-GGHhYYx2e1brTFYUx8vDafNCzJrv3mRK2iX2oX8mxb3hgU=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bb12e0be7d9f8b609ca29da52321717febd067a55c9533d248b29ae9007a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13903
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 34ms
33ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 tQnLqmg4442DPpBt4ETmvu4Q9GAGqX1zciYwdBZ9NJHXYI9m3MMcFiwKyrVmXAyYLw=w70
play-lh.googleusercontent.com/ 2 KB
2 KB 36ms
34ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/tQnLqmg4442DPpBt4ETmvu4Q9GAGqX1zciYwdBZ9NJHXYI9m3MMcFiwKyrVmXAyYLw=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

26d109dc8c72f6364a4ca1d488adc24a54db5a28074afebbe677d608b7e9976e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2236
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2 200 eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300
play-lh.googleusercontent.com/ 27 KB
27 KB 402ms
400ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28014
x-xss-protection: 0
expires: Sat, 19 Aug 2023 04:05:15 GMT

GET
H2

200

invisible.js Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 5F1A
Redirect Chain

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

12ms
12ms

Script
application/javascript

2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e7c9d1d732fe534c60742d3cea93253de6f365a244b1e76628cb9ef7b4e49c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ip3iU11VVRLASYjzHJTSYC9%2Fg1rrveHXUPxMnwykNyyEfUk8%2BXpmJzHbp%2Bfp7I4aQ4YWM6itkO9otSEgyBpXXrUwPBfx5Szu3WsnPhJkFQNrSsQ24ZjR7%2FuReGUlomJefDLy0oG7Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f87470439773688-FRA

Redirect headers

date: Fri, 18 Aug 2023 04:05:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyrUNj1jihP%2B0H32El%2FkBQ%2BJV02Jb4474iRLzLjr38GVxDuALC21czH4nPJqM7A9nQ3z8RmDy684306%2Be91%2F1rnkTEVnhkmszixDTTswpUFm9x%2FhGJqQZVhxSwrQObCCEg5lxhSLTg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7f874704094d3688-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SS5VJ1BTPE&gtm=45je38g0&_p=986293809&cid=1085837916.1692331516&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692331515&sct=1&seg=0&dl=https%3A%2F%2Fa2zapk.io%2F1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&dt=CAIXA%20Tem%201.47.1%20APK%20for%20Android&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 7f874701cfc53688 Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 5F1A 0
533 B 31ms
30ms XHR
text/plain 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/7f874701cfc53688
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f8747051a0b3688-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee7eYe68v3oCwfQpq95dShKnGb4Ogc%2FDV7lJiEJsmY9FYU5bY2GB7KaMNG5NYMIonWLOagAfdqWiTFLWTVgedziga81BnUNAvogcCLfl74nlIdVZ4P5TQvw2cY1qC9MKd%2BjDkudExQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 favicon.ico
googleads.g.doubleclick.net/ 1 KB
1 KB 28ms
7ms Image
image/x-icon 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/favicon.ico

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 06:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 884
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Aug 2024 06:01:40 GMT

HEAD
H2 404 auction
srtb.msn.com/ 0
0 70ms
34ms Fetch 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.5522753354233487
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1E609381336E40679B50FAD85F16BEFE Ref B: FRAEDGE1706 Ref C: 2023-08-18T04:05:15Z
content-length: 0
x-cache: CONFIG_NOCACHE

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
28 KB 116ms
81ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.5522753354233487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b236703213487637a1eb830dd2ecb4debd01c53e5521dd1c0c1f808f7d2ba4e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28535
x-xss-protection: 0
server: cafe
etag: 693 / 19587 / m202308100101 / config-hash: 7328467961731406261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:15 GMT

POST
H2 200 logip.php Show response
a2zapk.io/dl/ 0
426 B 157ms
157ms XHR
text/html 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/logip.php

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.5522753354233487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache, no-cache
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MVpLGgfPsDeAk8JwcYyMrgui0dQ7bTidX2HyB1j5dNfulx1tsDuKYWcsY00QnsJii8HVuf6fjNWhHN6%2F0u6FtC5LwTr0tNgxkE8oQ0FR%2B9qd0KVf5a9Dj4f%2FvGaZwVI%2BMxr%2FXiKWA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7f874705ca9b3688-FRA
access-control-allow-headers: Content-Type, Authorization
expires: 0, Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48
play-lh.googleusercontent.com/a/ 422 B
539 B 348ms
347ms Image
image/png 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likeit.png
a2zapk.io/images/ 192 B
663 B 23ms
23ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/likeit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:15 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54349
cf-polished: origFmt=png, origSize=268
content-disposition: inline; filename="likeit.webp"
content-length: 192
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Nov 2018 09:44:02 GMT
server: cloudflare
etag: "10c-57bdea3a4dc80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz0xxQxWwLhPbgPd2xVZW1U20hpKLTLkHyCzATbGV2MlyVRMGa6k1bk3JHqOUCdo61CULMGBB8%2FX%2Fpu8FNDXsgV1e8rcA2lypkEP0fRXGvjwCgCZGfKjzehP1YBcXlBS%2FquqDZVSoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7f8747062af93688-FRA
expires: Sat, 16 Sep 2023 12:59:26 GMT

GET
H2 200 pubads_impl_fy2021.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 333 KB
111 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a946d6c05507146c08263b30ac32a801fa29da4c822ecee750a9ef321fa8dafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 10:48:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62181
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113887
x-xss-protection: 0
server: cafe
etag: 10857264014062291618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 16 Aug 2024 10:48:54 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 180 KB
45 KB 413ms
412ms XHR
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=117602319255164&correlator=3256678301259849&eid=31076165&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22959879228%2Cinterstitial-a2z%2Cdesktop1-728%2Cmobileresp3-300%2Cmobileresp2-300%2Cstickyfooter&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F5&prev_iu_szs=1x1%2C300x250%7C320x480%7C336x280%2C728x90%2C300x100%7C250x250%7C300x250%2C250x250%7C300x50%7C200x200%7C300x250%2C1x1%2C320x100%7C120x60%7C300x100%7C728x90%7C300x75&ifi=1&sfv=1-0-40&ists=66&fas=8%2C0%2C0%2C0%2C0%2C1%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1692331516003&lmt=1692226092&adxs=-9%2C650%2C436%2C278%2C258%2C-9%2C-12245933&adys=-9%2C2733%2C75%2C539%2C2480%2C-9%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C0%7C0%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fa2zapk.io%2F1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&frm=20&vis=1&psz=0x-1%7C1600x250%7C1600x90%7C728x1249%7C728x2354%7C0x-1%7C0x-1&msz=0x-1%7C1600x250%7C1600x90%7C688x100%7C728x50%7C0x-1%7C0x-1&fws=2%2C0%2C0%2C0%2C0%2C2%2C640&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1085837916.1692331516&ga_sid=1692331516&ga_hid=986293809&ga_fc=true&dlt=1692331515359&idt=612&adks=2135858098%2C2142338867%2C299942153%2C2763825005%2C2766013119%2C1309157062%2C3626215300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

474de49452f0af955929f1a648c110716bdcf8818545d631ada6db1fa0b7a7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46154
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C2B 6 KB
3 KB 62ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_fy2021.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 35 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_page_level_ads_fy2021.js?cb=31076165

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11a2e2c02f8299b791c0aa1f850fdaeeb48ddc9e6974f6c55a281b55ae46a0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48515
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12657
x-xss-protection: 0
server: cafe
etag: 13327584134133456973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 16 Aug 2024 14:36:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 78ms
56ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a71cb45d021e8ebb5002ef6b1d6225685de15cfc2c874c5cbc41e89282389c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11600
x-xss-protection: 0

POST
H2 204 rum Show response
a2zapk.io/cdn-cgi/ 0
164 B 14ms
13ms XHR
text/plain 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: application/json

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://a2zapk.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f8747086d0c3688-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1378ms
1343ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 18 Aug 2023 04:05:17 GMT

GET
H2 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F42 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7688 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4405 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8F3 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A557 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62B2 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E7E2 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl_fy2021.js?cb=31076165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Sat, 17 Aug 2024 04:05:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1F42 4 KB
1 KB 37ms
8ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:07:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C25A 624 B
711 B 61ms
60ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXhtkBEXHsdzmYWU9c0XiJAwFKpS6qwENMrfzJ_I1Q9vqW1aPF3FaU_hn5JzlVc_IIUffdTMVR2vgpnd3xYMolzpw7mY-xFjErgm-hopV2Jj73L_exgD4dj2YB4zTkI2ucJfJOvHKjJpFmyaQiXm8L2RJ_3agLUgletmqbgN9rosYDIitc

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Fri, 18 Aug 2023 04:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B7F5 86 KB
29 KB 199ms
176ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame B7F5 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:31:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame B7F5 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:32:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7F5 180 KB
57 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F5 42 B
63 B 63ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqSuHhbaG1txp9STT8OniG_-bcgN90fEfscnxRZBSTCOgHDH6kIZwSVswADPDVQS6X5G3taBH0mJpdrd-3b4fQCQXA5kvnSicMDGxauYsx0Et4dfI

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F5 0
20 B 64ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12638222213369367520&x=1&ct=76

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 1F42 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:51:25 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6EF7 624 B
505 B 165ms
163ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNWNqZYIGuTIuegE3uGt3nxedu7uswPO_B-RxR3MeuVs-YY0YVBaSyYLdgY5zyPSMtnNrxSOPGoklJK3QkocnnLBZJwZCWeS9Hy8TGkVYW08qBPHMuI2GdFqC57zSz4LmOQ1oclRV4nfIYOC1zBWGNUK_iAP59yu9OkwCIqlNpCg4NRBdZc

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Fri, 18 Aug 2023 04:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7688 86 KB
29 KB 198ms
181ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7688 42 B
63 B 58ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cy7RogaF2Gi1eOWw_f4R-64UViXWSAr2tMuGEl321vtmc3zyGQxMAnXQ0Bkmv0tlLVH_3_jRUWwM3i70rNxZN3cFC81CSc7WBXHP7p9_oJTwkZIig

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7688 0
20 B 61ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3521504422493596464&x=1&ct=77

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 7688 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:31:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 7688 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:32:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7688 180 KB
56 KB 87ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 931E 624 B
504 B 203ms
202ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXtxTo87sWPkT1BDo9WjYmLTL72LHb3SKGZj2l4waZsSc3-S2AlZLhD8XwJGixfDBpCKxBw921-e0W0QOvkLqZXEm4wa1f0nVzj4logbMXBvQ3eyA58KfdvVTgcH29aZ1kbwIu9AlfoDyxDkESmt2xCxEZcpz1cieChRad18fwbmOOVptQ

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Fri, 18 Aug 2023 04:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4405 86 KB
29 KB 101ms
89ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4405 42 B
63 B 53ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkDrNISCN6dG5iVJ6lQQfp4YoPT4_ajfx6gQZG4iP0vOdnC5yTtLBG9AV_vlGxsoKVQcfHiT4DyRbraGWzYs0KwgZr-FrmBcKej3FgiGos5IwbDK4

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4405 0
20 B 53ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1149130399373310926&x=1&ct=76

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4405 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:31:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4405 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:32:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4405 180 KB
56 KB 89ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F516 624 B
246 B 68ms
50ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUKEGxq-oJt2hDUjZ6jHBsUgr9NCbSwQ1Qhxd_clScucZP2V8ZWuc6FRfd5bkA5okIKK7Vs9wJwwRIs6V61XvCL07HQAFTrzmVMB1Q6_Y8wsIIx4zoWPEABXUqB7zu8uU6dNmJqEFBQkuq-J2JHVAeH6h7fQ9PTbCFn_HryuQg0hDzKTTw

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Fri, 18 Aug 2023 04:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E8F3 86 KB
29 KB 187ms
177ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8F3 42 B
63 B 59ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-loRYbOIm6EM07tgR0aGumJp8HSGqCm5t5oJqFA-AkYz8GuV-y4hNWp4ROMGPGwe4lOA5iFLa8l5WIEtK-E3YwqW_2jbnIy8sK_JASncNuTAWBFY

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8F3 0
20 B 60ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16472897085382876596&x=1&ct=76

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame E8F3 3 KB
1 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:31:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame E8F3 20 KB
8 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:32:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8F3 180 KB
56 KB 93ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1F9E 624 B
246 B 65ms
49ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWnt2hdu4SK3FsY2ANLj7FagK3J6BDsELOO8K8otyWGGR7rjrGzHbVXgmG85s6lSVGEqpGnf7_CtKuPHgK6uTnxzRzpPcqRuKSbtYA5o9f-dxBry3BPgHkP6E6zIQ4lLJdFzCj9ryetP5Z4PDBYLb7OBoTcB3wnQro3JQgTnFehW4f0NsM

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Fri, 18 Aug 2023 04:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A557 86 KB
29 KB 185ms
169ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A557 42 B
63 B 57ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DM--VjPuB6KcFMo6FrJNBsuFS16Dcx6cfX5EkD8UZTHvXOEHXxahtAFEbETkQp1LUnPzcZ1_kiWzLsyb232nSCmPe0YJ5pOLY3A54j6msvtSnsLnI

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A557 0
20 B 57ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3779378467800955304&x=1&ct=77

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A557 3 KB
1 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:31:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A557 20 KB
8 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:32:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A557 180 KB
56 KB 80ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E4C6 624 B
246 B 52ms
47ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWhdgvEdP-KhAhKno-OuJZN4FsiKJMSNEKgkOl5mIr1fEM8OgWipl_Ww60j543OFJk0pJR_kLwQ3EzWNLajfzgL2NTgVUL1_f9OZnLGds63gYLDPqmbmaFiyF0fmCYc3b0H1cnusosa4b5hoigZrvk2URMMI37oXJyAOmznbn3iZIYQ8Lc

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Fri, 18 Aug 2023 04:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B15F 86 KB
29 KB 180ms
174ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame B15F 3 KB
1 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:31:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame B15F 20 KB
8 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:32:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B15F 180 KB
56 KB 80ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B15F 42 B
63 B 47ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_12QxR713oY1pywyOpak7kRox3zoVTJLwHo6I8g_6vQq-zJ1ZIfj5aXY5SBiGHwQSDXPDql2SCd8FzfWEd1tvdy1iHAxLnhvd6gHDXuIcwfDj4b8

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B15F 0
20 B 47ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7859409463556101667&x=1&ct=76

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 425F 624 B
246 B 51ms
47ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXMwmODqD7coDvtgtfTeWdoopUeSqZ1RFouVX9j6SbmVkt53PbPEa7wiHFAV83NO-Vx8Y-gPx3P3QMwCmdFvJvGtLLIVdsFQv8xFiRKuNGtsr4K89Zv1WFbpYSrv1lEflZo4PVFtkpd0XJxC9RKbKjtCkptZANXwN1raNsBFq378HR5Mt4

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:16 GMT
expires: Fri, 18 Aug 2023 04:05:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E7E2 86 KB
29 KB 204ms
200ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E2 42 B
63 B 45ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdapWiJyH4xTCgScnuIDBD5B0IKXlUwtAZXdWQYNmRI8InLsIz0cfFFniYoP7kd-C76KaoDiwYQ-Ls_qZURQYwaGLoAYltvOlIfT7Jp3UO-WFZaeo

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E2 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=841462217446813044&x=1&ct=77

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame E7E2 3 KB
1 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:31:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame E7E2 20 KB
8 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:32:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7E2 180 KB
56 KB 66ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:16 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C25A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

43 B
632 B

17ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXhtkBEXHsdzmYWU9c0XiJAwFKpS6qwENMrfzJ_I1Q9vqW1aPF3FaU_hn5JzlVc_IIUffdTMVR2vgpnd3xYMolzpw7mY-xFjErgm-hopV2Jj73L_exgD4dj2YB4zTkI2ucJfJOvHKjJpFmyaQiXm8L2RJ_3agLUgletmqbgN9rosYDIitc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C25A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXhtkBEXHsdzmYWU9c0XiJAwFKpS6qwENMrfzJ_I1Q9vqW1aPF3FaU_hn5JzlVc_IIUffdTMVR2vgpnd3xYMolzpw7mY-xFjErgm-hopV2Jj73L_exgD4dj2YB4zTkI2ucJfJOvHKjJpFmyaQiXm8L2RJ_3agLUgletmqbgN9rosYDIitc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C25A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

43 B
841 B

21ms
13ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXhtkBEXHsdzmYWU9c0XiJAwFKpS6qwENMrfzJ_I1Q9vqW1aPF3FaU_hn5JzlVc_IIUffdTMVR2vgpnd3xYMolzpw7mY-xFjErgm-hopV2Jj73L_exgD4dj2YB4zTkI2ucJfJOvHKjJpFmyaQiXm8L2RJ_3agLUgletmqbgN9rosYDIitc

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 435a6c99-6cde-4458-b7af-a96c255c8717
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C25A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 61e213f8-e27a-449a-b6c3-591759868bbc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E4C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

43 B
766 B

16ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWhdgvEdP-KhAhKno-OuJZN4FsiKJMSNEKgkOl5mIr1fEM8OgWipl_Ww60j543OFJk0pJR_kLwQ3EzWNLajfzgL2NTgVUL1_f9OZnLGds63gYLDPqmbmaFiyF0fmCYc3b0H1cnusosa4b5hoigZrvk2URMMI37oXJyAOmznbn3iZIYQ8Lc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E4C6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWhdgvEdP-KhAhKno-OuJZN4FsiKJMSNEKgkOl5mIr1fEM8OgWipl_Ww60j543OFJk0pJR_kLwQ3EzWNLajfzgL2NTgVUL1_f9OZnLGds63gYLDPqmbmaFiyF0fmCYc3b0H1cnusosa4b5hoigZrvk2URMMI37oXJyAOmznbn3iZIYQ8Lc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E4C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

43 B
841 B

16ms
15ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWhdgvEdP-KhAhKno-OuJZN4FsiKJMSNEKgkOl5mIr1fEM8OgWipl_Ww60j543OFJk0pJR_kLwQ3EzWNLajfzgL2NTgVUL1_f9OZnLGds63gYLDPqmbmaFiyF0fmCYc3b0H1cnusosa4b5hoigZrvk2URMMI37oXJyAOmznbn3iZIYQ8Lc

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 2232c14a-63da-4543-a829-15856748b033
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4C6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 0c5269c7-cddc-4a6d-acc5-efbd7f3d1178
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 425F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

43 B
632 B

17ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXMwmODqD7coDvtgtfTeWdoopUeSqZ1RFouVX9j6SbmVkt53PbPEa7wiHFAV83NO-Vx8Y-gPx3P3QMwCmdFvJvGtLLIVdsFQv8xFiRKuNGtsr4K89Zv1WFbpYSrv1lEflZo4PVFtkpd0XJxC9RKbKjtCkptZANXwN1raNsBFq378HR5Mt4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 425F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
632 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXMwmODqD7coDvtgtfTeWdoopUeSqZ1RFouVX9j6SbmVkt53PbPEa7wiHFAV83NO-Vx8Y-gPx3P3QMwCmdFvJvGtLLIVdsFQv8xFiRKuNGtsr4K89Zv1WFbpYSrv1lEflZo4PVFtkpd0XJxC9RKbKjtCkptZANXwN1raNsBFq378HR5Mt4
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 425F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

43 B
841 B

22ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXMwmODqD7coDvtgtfTeWdoopUeSqZ1RFouVX9j6SbmVkt53PbPEa7wiHFAV83NO-Vx8Y-gPx3P3QMwCmdFvJvGtLLIVdsFQv8xFiRKuNGtsr4K89Zv1WFbpYSrv1lEflZo4PVFtkpd0XJxC9RKbKjtCkptZANXwN1raNsBFq378HR5Mt4

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 9e2fd808-f86e-4c13-aee8-58618a8aa17d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 425F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 1aa41fe4-5ff6-4e88-bba2-38049afae4b8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1F9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

43 B
632 B

15ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWnt2hdu4SK3FsY2ANLj7FagK3J6BDsELOO8K8otyWGGR7rjrGzHbVXgmG85s6lSVGEqpGnf7_CtKuPHgK6uTnxzRzpPcqRuKSbtYA5o9f-dxBry3BPgHkP6E6zIQ4lLJdFzCj9ryetP5Z4PDBYLb7OBoTcB3wnQro3JQgTnFehW4f0NsM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1F9E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWnt2hdu4SK3FsY2ANLj7FagK3J6BDsELOO8K8otyWGGR7rjrGzHbVXgmG85s6lSVGEqpGnf7_CtKuPHgK6uTnxzRzpPcqRuKSbtYA5o9f-dxBry3BPgHkP6E6zIQ4lLJdFzCj9ryetP5Z4PDBYLb7OBoTcB3wnQro3JQgTnFehW4f0NsM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1F9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

43 B
841 B

16ms
15ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWnt2hdu4SK3FsY2ANLj7FagK3J6BDsELOO8K8otyWGGR7rjrGzHbVXgmG85s6lSVGEqpGnf7_CtKuPHgK6uTnxzRzpPcqRuKSbtYA5o9f-dxBry3BPgHkP6E6zIQ4lLJdFzCj9ryetP5Z4PDBYLb7OBoTcB3wnQro3JQgTnFehW4f0NsM

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 6dbbbc8f-27e0-4efb-828a-cf7729f03c3c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1F9E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: b441fc3b-6eae-4883-9e8b-ed5d1a61cf45
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F516
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1

43 B
632 B

16ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUKEGxq-oJt2hDUjZ6jHBsUgr9NCbSwQ1Qhxd_clScucZP2V8ZWuc6FRfd5bkA5okIKK7Vs9wJwwRIs6V61XvCL07HQAFTrzmVMB1Q6_Y8wsIIx4zoWPEABXUqB7zu8uU6dNmJqEFBQkuq-J2JHVAeH6h7fQ9PTbCFn_HryuQg0hDzKTTw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGtidBpab9HfHnVoZ_-yUj8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F516
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUKEGxq-oJt2hDUjZ6jHBsUgr9NCbSwQ1Qhxd_clScucZP2V8ZWuc6FRfd5bkA5okIKK7Vs9wJwwRIs6V61XvCL07HQAFTrzmVMB1Q6_Y8wsIIx4zoWPEABXUqB7zu8uU6dNmJqEFBQkuq-J2JHVAeH6h7fQ9PTbCFn_HryuQg0hDzKTTw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F516
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

43 B
841 B

21ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUKEGxq-oJt2hDUjZ6jHBsUgr9NCbSwQ1Qhxd_clScucZP2V8ZWuc6FRfd5bkA5okIKK7Vs9wJwwRIs6V61XvCL07HQAFTrzmVMB1Q6_Y8wsIIx4zoWPEABXUqB7zu8uU6dNmJqEFBQkuq-J2JHVAeH6h7fQ9PTbCFn_HryuQg0hDzKTTw

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: c858f891-8984-4f11-b52a-10ef44b6f620
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxDb592UxyFWu_JmbP4WYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F516
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: b08f7847-80b0-4c64-9716-de62ed1007c6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4405 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8384167742134&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4405 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8384167742134&version=m202307240101&ct=76&x=1&cor=1149130399373311000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4405 88 KB
37 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJHQjRNGHB5fNAmFn_0_rgrut5OcFuzzAwkR2N_mhOuvZ2LLwBjraaM122Rp8L7LzmN_kuHB9HsV-x7UeOQ0w3kBzDnQ&cry=1&dbm_d=AKAmf-D6vQmij63ryvH3fxLPE9sMtZVOKi320TH1Khf2wGgwFDxAsQEOEbtboBNTQprBbUrV6oGr19Muwv5DWYOytIIlPk-wxHEe8dMQueajIdYWuoqGFc7LRW2uJaajM_iuPPWugEh0AD_LdRYIAolnO0Fjz2wJXQrtaLbqpkqk7dRcivzviHWoTPi3pL-znS4-aieVN1xMvAMsqrzHI_VXK0tQf6WA5iovugWs_Y05etCRCXvCEF-ejr5engjNSl8WA3nXfZg_Gy_wEuKeMHXTXQLRjJc2E03dZVXrmgekerrKSAv1VimznaYAyWVUGdVrQZOKzs-uQjGacvwYJ15_TKDK-g9Qp_7004w33M6ZmfOFNwd_3FuW6dQkg0-fXeolKuQ1F_yvXexmWCb9NtUwelVYMDt4kjO-8zBU261tGyZfPHeep9U1qO5LGJTkXhSb9DCWruBEqY3AqbDKU_NEjL2nWMHqwYTSBWTT3jkP78caB1iytuPY_g08QSUTtjA9DGdKu94vrkZQbGB9VwvSELwUVWgH_siScjryGBfGuk1od9p9UNAB7pykJEUHuW4bU-wxmeL6d0DwCjCsSd-BYm-Qm-nAGCnsKIaNdUsZOdfj6qK2YnLf22VrO8wTI2ia-OxVW9NbWTTrlJxdQcnT4nUkByvrkMxRiE6tGXsskqXBT3IgNwrEgQcy4xRfy3x1-Ad6zCjq1_WbFG_to5Xm3ZKvXdGxnm4EvHNKUBoLraRT49qZObivQCz9PnmxM_XUPlBgZDlw85pvYpRRkXByg82C-wL6ftrZ7fpB4GGN2fZEDuTQGUj5mEezQg1jblyvtlKxEcD-Bvysj1Ry86ebEymBN-GPmb8l9w1AFf-LrR1A1gttMoJdLbEC049L6Y25Z2w7SYXY5eb7H0ZsMHBkqLA1QS1plhuKvuv_FkYOZMX5SEbX3nqaYFFPTBVv143di7h3JZmQ2E7edD7Poi0cklRnAFJD9UIdfIaiMytBiZ9JcRnHqPZV19uwsAzJkEf2bFRGnXl3JYHyUiC5r052FAkT4ZbfHzNRn4b-lWjdwt4xtUiuyU0FBpLfwZNS14qsrqUMKQpLy3ho2hKd52pwWmZfzlLFDRciF7NBG7T8Oc_p0n-sOpTu_B7KtbWSepK_bNIiYyQU-Pk2qq4BsdWGC_vGp4gU5FGUUFHLMRMiGtwh0lnC77g5-dWIY7VipmRwHgSh4jhTTSyUinMiLLjfzhSTPI7bBTbcpJp1-qIO-AHnY53pUuGQaw8XuRcNBFXPgH_CsyEb2v0PWbt7l0F6v9GK9yoRMRsSXvpSXcuDcm8fhgphH5ETj40VjYiS6ZcgJeDautKzGLn3b7r_bbVIlUF25Oo-qL5_3klA9kySR6nNr2fszKlEfivwu8dA3fzekXwc-K0crZ8aH0s26ZZYUpehEIR0TJ6iWHXJfyG9_fi7J-EjW8tWDHGWPekmok0P7bXrhG9Dd2qxcGyOYkuhh-9Ml0tGRJbtyDp2AmRtarrjXRAlhPJJUM_uGD_b_xrNfTfoNwopW-pfj-FEQ0jOCT9alClQ7l6gWFEzGkD56z-Mkq1A2bp2ehXOpYSgqKlRHwR9j4iixCzQoPR7G3H4mrpuMUvxp5iGRXKXiPQuO6atONFWyap7Xf-ezMIF_6cTAwTUF9fXqRTLs1f_GPNFZh4HcX2rtdkkzVn_GJiZ6bq1oxmO0KZXq0HXCsOzPyIfEdDIgso_EzFwsZILx9yAM1XGmgjrEILEK2oUmdqfo-DOBh5piPVLt3h6U-ppsLFYXAwRwCqAQQmG9FTx2aixechxLERntC-XMFjxGzC-YsOpqzGBqJwnrFF6Iv84CzUrE-ilCrBq9VvRBOGne7h3oW-VD-EUJGb7zgsuPLew8aE8GcEUAYyRZDPlZJ_zbZazGeb5aR49-nrMhrSdiAMzxnHc1rcmqe6cLSOHRCDRRbG3-AL8ew7VY9iOKp-9vnC2zGec8O8yvjx2_Pwy05Zssgcf7Ej3uHJh7S8TgWxMTZP-c9TXsN9MwZfsA3eBZU8tdmcqF8BT4qF1DYvmLxf-aJvkLTBn8K7Es38YxGLzkRICpTN7OzcE37KBgIoi3yzAjhli8BHfKMIZbkTB8nOPCUZVTyPfHWdyOUtAz-zhAyqlTUc2cLO7et2eFprLAUjhNtlsc4fQnSu3Qvb5puFOZb3H0VS6qFu32g20ERoo8Ac3vsczamCX0k5wYF0x40DpFlqBRG2Q2xeT7JzSfcdqgP6e6BgSDvZbP_3Ja_dN0CM7Zi4M_89HCvHsBjoBybeKFgBsDdp9RcruTvUbIXjC3HW5pq0o1RYZ6OMQACP9OrUjXRo782zZNRypgRVqnXhaXuFQRJUMypOlIYZNUVuq1pFifkA6YaAVSJccQBrVgfLIKKh0ATn1dM6lG5Et72CE1hUY0aElMi0ZGRc-4N05xNvW0JcNj2dFaaqR6JhZc44XExhGi_qbSKIvNzL4ir3ikZZHbkxoEAWOLQKYluzV7uviYymyymmAkGH1U7omkdJWsb7AacZrjzJgCskbt7m_1XRZM0uESsLqVWHqW4sJTZBxy7iVigaP0Y3GawFeY4kSJRmtzfMD5hCY68XOENOpxoWSD4_vehgM7SpJm2OCCXAKPdpZnZQL0F_WD4-bOZg9M0iqcrSoq5elkEf96oFToMiw0TFDXDXoeNL3lorbToSG4cd2jSOFmCBQXLEUqklvAaCLzxWqoe27Hrb_nLY3NrfVnpJBJoCP9wdg2E5pgFK3A-PcMauiiu1EgQgiFpSMlKM9tWZ9bUGXs6BiL91VOE2Xc22hCFQv-dNR_PkB-q1OrAlNlEvaRzi-fnwdLgQyPxQfSNQA9IP9LoGQWp_ayEN_fsUf9FmrytE7SmkL8hoeyDcCfjFocLUGii9u-rpN7I2_HZBpvYWKar2T9N6-Z3wt8I-p7dcPVRvxy-p6e2goOMpkacrl1T3kKTofhqqioXlSGzxGv8rkj7cG3T9lUjKdkhjTs4aqWk53y3QYoTGyHdkc8in0HS1zG-MaUlakNM6wKZMXJQBth0dcNFUM2kj6aBW7p7c_pITx0z68agQnV4Bk5ZdJJT_cCO-MazSZiWUipJvXQ5dl9G6GhBPhRvBXwjFhV3DwxvRF4j86fvLzMW_E-b1q7lf3-6buktrJU1eNj1jKnQiG_O0npu4_vP4DwVJcEBQ5vz08TvgL1Bl4u-Qvem0ge7ypc7WdCZPmzJqSv72HuaJDKLKwXk4AMslFkDwcMXS557Wkjde40iJF--axpYMi9t0q8uIjcYNR1nZiKMEoqAVCQMVyA-wTZdZvBnfCF93fHETsa4azbJ3jn41dE6UgxaG1LvSpqPI9fxVcxX2dqYy3FX_Abh1UCz2mhTY-89AhvkWTq7fgz979MfxJCM43PNYtRSsMpCLJSVHU8s036o1s9hK8SytS3gJ9lgjn&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=1149130399373311000&adk=1964084972&idt=108&cac=0&dtd=43

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cdb2c5396bb0a74a7f4c38a37e0330c9ff64349dafca6a8a4ad27842d3623fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37555
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6EF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPHtFgQQ6dCLMU_Lh6atSH4&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPHtFgQQ6dCLMU_Lh6atSH4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNWNqZYIGuTIuegE3uGt3nxedu7uswPO_B-RxR3MeuVs-YY0YVBaSyYLdgY5zyPSMtnNrxSOPGoklJK3QkocnnLBZJwZCWeS9Hy8TGkVYW08qBPHMuI2GdFqC57zSz4LmOQ1oclRV4nfIYOC1zBWGNUK_iAP59yu9OkwCIqlNpCg4NRBdZc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPHtFgQQ6dCLMU_Lh6atSH4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6EF7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
632 B

18ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNWNqZYIGuTIuegE3uGt3nxedu7uswPO_B-RxR3MeuVs-YY0YVBaSyYLdgY5zyPSMtnNrxSOPGoklJK3QkocnnLBZJwZCWeS9Hy8TGkVYW08qBPHMuI2GdFqC57zSz4LmOQ1oclRV4nfIYOC1zBWGNUK_iAP59yu9OkwCIqlNpCg4NRBdZc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6EF7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1

43 B
839 B

24ms
24ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNWNqZYIGuTIuegE3uGt3nxedu7uswPO_B-RxR3MeuVs-YY0YVBaSyYLdgY5zyPSMtnNrxSOPGoklJK3QkocnnLBZJwZCWeS9Hy8TGkVYW08qBPHMuI2GdFqC57zSz4LmOQ1oclRV4nfIYOC1zBWGNUK_iAP59yu9OkwCIqlNpCg4NRBdZc

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: dccddfe3-e729-4277-9f5d-430009f9f80c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6EF7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: bf57b88c-c000-4597-9c85-f3d13e7a22dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 931E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
632 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXtxTo87sWPkT1BDo9WjYmLTL72LHb3SKGZj2l4waZsSc3-S2AlZLhD8XwJGixfDBpCKxBw921-e0W0QOvkLqZXEm4wa1f0nVzj4logbMXBvQ3eyA58KfdvVTgcH29aZ1kbwIu9AlfoDyxDkESmt2xCxEZcpz1cieChRad18fwbmOOVptQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 931E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZN7t-NhJDqbxJC3DadWK0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXtxTo87sWPkT1BDo9WjYmLTL72LHb3SKGZj2l4waZsSc3-S2AlZLhD8XwJGixfDBpCKxBw921-e0W0QOvkLqZXEm4wa1f0nVzj4logbMXBvQ3eyA58KfdvVTgcH29aZ1kbwIu9AlfoDyxDkESmt2xCxEZcpz1cieChRad18fwbmOOVptQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELnpDVPol2tfUHELFDjJsMo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 931E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1

43 B
839 B

22ms
15ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNXtxTo87sWPkT1BDo9WjYmLTL72LHb3SKGZj2l4waZsSc3-S2AlZLhD8XwJGixfDBpCKxBw921-e0W0QOvkLqZXEm4wa1f0nVzj4logbMXBvQ3eyA58KfdvVTgcH29aZ1kbwIu9AlfoDyxDkESmt2xCxEZcpz1cieChRad18fwbmOOVptQ

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: cdbb32b6-8e8f-4612-9c38-6b61dcb468c8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECn51wYNAhOFQxoMJxdttlg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 931E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
an-x-request-uuid: 558b76a5-568f-439d-8f13-3b7361a1fd49
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODE4NzY1NTAwMjA4MjQxNzE5Ng%3D%3D
x-proxy-origin: 45.141.152.75; 45.141.152.75; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F5 0
20 B 46ms
43ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4731834790829&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F5 0
20 B 46ms
43ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4731834790829&version=m202307240101&ct=76&x=1&cor=12638222213369367000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B7F5 96 KB
39 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALQHm8yGzV0nCfCixpiWZcirlZRKPLCtBb6e49LGtrr-9ZNS9PkPzO1CsRbL4fp63vFaboArpWNOf2TUqKy5IDUL82xw&cry=1&dbm_d=AKAmf-A-Gw6tqvYd58H-mAN2NKXwhzHcbQfvDm0Et9Ytr0ucwkKhjl8P2FH3ua4pZ1tkYotV1Oh0aBK85n2CcjxLBanBO7o-99I-bmR411FDRY07nXf1c0P-eWVOeHZtVQ26k2QPBvkEiMkFED6sUqxLLaednGc621nBa7ghH2m_3XIPLyQYjgsesWDgw4bZpckS9rzeTynvArBCaFb1ma-khN2k7wFLKV34PNAfp0cHEUqYg8cWRae4ysgLh2_oR508oBacEJxdSEalrN4JSRNAVEOyMfcKVVrS2bNWZsuQksfA5sCU36BnY9i-YN8o52UqFqCWox2mMf2kH31XhPn2zrgkuLolNQJg4rMjSIWCaTO2o2GC42ECdBOkPvIMbrkzMMPEVGQkeXUZZF0VHRoXrmaQSvHn_YT4INplIsKzGIziknxk-IC0dW7ROBpFfXp4MMKh-Tlm88MYHTMYBdok1HaZuD38c7BIavd9YmzT-t1se0x60WQo3POkemD5B4v-sby6eVEn21DsLwIw1Q9xAZcim46lw5gWxZ6PicHFz-OFSkwuUXQOHbtHqmLJ3_rjV35WmQFZjShIwwyTXRviYRLgAVsWSU2n7YnVFWlFE67cp71xpP8rYXyLpTWW7KAZG3tFT2peP3VdmezXmdajOXLVcCaLiM6NunDPDXZUnmP-mThimZ2krUkpx3RHPGi4gJZoQb7EvPmgigbgh1oTIkzqqjYJApXST3n-qLCxM2xIHzuLu3l64I4TDjVjZI5DBMmuURybEbIAifPVg2NR_faS_BLjkBR66FFb0YOtnb17yLsr4pkBUbry25Yh-RFXxgR5J1FbEzic6fgA8TWEKp5SLncOpC11oAmupl-fYTPHpUGp0zRwn_ksAUR_p8bHuPFki8FnB_f_LwCULSiDof77A2u9iEVsgr8-CJCTY8dD7JZAlgMsdZ5g5zQbVG0kscoqcpa2G5ND5SUvxNEiLATue2cdlVjNWiS4MeCNk1IrO0DdjbJB_KxHti3MdHJOD26l5_GHc8UFI5KlDA9TI4QfpUrgazN84EQ_h7U0YruqXgUdn2xj7sPn91eOI2L7GuSpuVJzimR_sKmehdXJXZ2_byQOsZogbVI3EaACDs74IeYmQafXVY9vIqxunbUSVTlVIziWAjrF7AuUlzBLtjWLKrBH7lJ5nmJX2-FS2hsITeASwEjLSkl2nIqzSbtKLT5lZuY5_O3VFv49Af5Vo3zBN5dAPpXeaCR6sj0l5PV9KLdFDDNfspMXzcvksY-g20idvDuC1xsbE64zdW_wLMpEEVEndI77hUv3YKjAEHtyFAQYphqacMghHAIeAKfEk8d7OpdcECwQx6Nwwgn27_thBpXczWcHuABqphieMSehhjZlOLytxbHgFysaaKSN1c9GIsK-y_Jh9T6RfNUsu77VzhjhrVoFEKst6RtAgL_avxwY3JPiXTBAr_pr-GYVLoB0ZbulZoicqspGnOWH5jiR0YO652YLhjKyf7BC0fu5wuZcPwsKJu8XIkdRhi5rwE6DU0lGlQm217KML-QjDSR_dwEPDmLRlpYXPumcqFc77yXmrhEqt0LKPvn6FfD_BPDxz_F6jNZpbYqkI5RrLx5R0E6xGSUKBCE9RkQ-VMA92vwvajI6LO2mTU3hTN4KjrvDnqGVxVcPzw989pB_ldop3W44y4hnMXSTXfa4GlRuUhREq1RKjfvBotBZ4HzKUSyOWH8zT63GQ6vtkmbnnFG22jXzJBAFB7m9rXBaH7VaxNsruQ2WhFeRdm0ALvOHrEApUrTMTwb1FYq98KOAPyUvS50lTB_ZPHTcNgUiob3_y_nUUCGBb3w6YBcVwwgXmJ_yXsiMdApn96f_6xC1fH0X7mtrx0zlFA0gaSw83bzsqMjQjGJfXlnHTaII8UMTfLiW_pgt1DEiVIPRi7vp5LaBn0NNsIWaKZfCaf8xR-5G0Qdd-DrwYphtebniI1tusbQK09s3TplWxRAVA5ro2nOMh5_gpDplMLuxx0tyvjuXyL3i2s1LFqDBRLED4c2wp-wpjcADrc1KBlRZFE8oMpifJn2MbGfH_v_lCMJLLY9Y8FbTwJzJ4D71s1PFEv5lE-MW46uf0372FYwNurgyNLUXO9Lb6qdv4iFDplT0oVkwOubAqEeP8hjSkZQjgfFVe-opV-ZAsdcqIemurdopZQ7qP5_yAH7NBZ-O_RGUZ3VVEhooPCiaO6HCAXkTRCMJFYkeMdTsfiNvHmGHJsdGRHUAizZvf5iqCCGFdFUoUqyjJn-95fewFCf98Mhw3yS7Q8MsWaRJ01eUd4RH_go8RMO7sTAZXel8wAXSsrB7RXfo1p9Xb5ayqB6peliOaNlMk4FzkwU6hmGYB7bJdlXb93-UjB4cEjebUUcRO50bjWMahl9vagy1oImlk6-GlOlI2aUCSgwAGcaMaXp_4J5GOoLejB67CzBOGh-7DtEzrq7VCLy1kDBAcLhF7snLWJKUnkAUmpCpbiQhmCS0_n9t1UCsWURaafyEU0NpI3p8TBU_9EvzysyqotoUX3p_eKVJwUgCetEOLmWF_1ICXSD4ky5daITvWio43K8EPOnXLItnfyZkV5FeDllFwEX-7gNYrfRggGsexTEVwSuV-wDGsWe7jpCtq_Iyelw7JVowBaLV4RhLpkiX3sLPGCGhCwZcWWGO89W2to9vjv_TTy8KrBGGhSgmGQMhOpPDTTtjyPydibZ-aLlaxgDkNXLbjiDTyV8pVHKA8T1cI_hwliD1DfUIk6KP_qFbQGN88lmF9U3ARkJ9nDyxqzuStj29nKGuJdidf9bmicwRNHmeQWEMn9E6pHkm2_8ivSlSjmpJqxtDjgaCpZIeoeQo0KZfLl8ryG1Nhk4sS_ims9WEruzJkgbqehFQlEC0q5NBrbjOq4tJGvbSdzIZZ2mzxEE0UEK13R0NuzPXlH2ptk0UJsSONv3tEhzphNownw01XICuqhEeDHZ-21XbsElE4QCLKgzOZrEdoL7HBzr2BhYKmUpoUEvC4sMc4gzGxzlxyz76s7MUQzL-2MCyTResgNc1V4IOY6nHYFyYV-3Zofg-hkxqqfkaXE7cU81kc8DS54l6ypOBXjoZYsdjt5UrxTHj-RKhjg6W2_0302Bevo0-yZ8vDHI-_2xeD-AtmiH6BMGlcRKMcaZO0AvcwpIK8BZUDVu7PpkJ5RHQr6zbOd4-CFjSd8AihHGRa_QU2scimgxqdH-8GdT3SOD3Mk6K_ign7JBy4EjkN9vLofc-MzoRU1LsyT_BeJqYTKnCzfxlOFWp5OxCZWb6dVEyKl36ir3JgjylgH_wiK7lgorbyfUNKvP9S0xnC2956WHdANfylB4IzGItLJcZdP2Mr00Z0sMnpVy261PVr-ZW0YMiRVairAEf1cbvrvaa4SMZf0VLVbnc7FfmPNP9Zo6leGZOeWw80qn-deDW5N47Mdmlz_93ZWIN9iJPzfVxXA&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=12638222213369367000&adk=2124396030&idt=213&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8529e3fffa55b646cc22871b0910591c79802c193c45a2e6c191a7830b118787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39789
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A557 0
20 B 46ms
44ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3325702095448&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A557 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3325702095448&version=m202307240101&ct=77&x=1&cor=3779378467800955400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ad.doubleclick.net/dbm/ Frame A557 16 KB
12 KB 91ms
39ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0xrS9zfjTlLq2Tz9db2TvhdU_XuvB3ZGnEKneSw22O7uNHPmvgaR6CnyMAEqWxTWeeb701oulnoiiUzoaLZMLsTVl6FpnJkgse85-YBLd6NoNtzXGZwz7RmJ-pe0uY5W35oXI46_Y_A24HoMpVnqaksbEuk7tfjv7y3DEtQXFxsNlf_c&cry=1&dbm_d=AKAmf-AtbWsbf1EYM22YqVR-f3K7hp6EaHoZXl-Kke_dpq8YaAkHQCFGJWtxObW7TswVkLmFOeM0gixglpGpgsOtfB-dpHkGYs2Qyl1OHCJA4R1CHA5XqZudv_S2oI_LDwGXExk8Kwfe0nEkESIKu_uw8_cJ2bgrMoF3-LEkhxGFGGp3dVaW5lgS19KPrSW4GmJn4bSNIKpG4EX8lZdCOjJAbfiTby6zHx1a08_tKL_OrVopdxUsy5xW-_5LxYv9izVZfcMjBxA7-uFhVRkRKr5ynhuQMsgYUjL4K2Fp5ajEt9wO0qPQSQpY19qvN1EIqTpaesnh3bEiMyeskYrF4Q0o-DIDUAs9WQS83tW3uFTIr9FDxMi7QaVbqTvHOaT2jyGETj1aLlQEvmI9ldOtrxxhskkO_Tr8WAeg3gi7oTTV0EYcQZP1UiDVX4EJYTHsyGypXSSitatwJWjFbnHvGAaJOBoi3fVZOQ6JVsYBval1mEpb2ZbBNtWuJ4I4n8a_2Gs7DBvz-dGESP-bfNncAHQb1aslT7zV6Fgg5jPMtwGesjdmj5PqsPZ_KxboJIwcqD_osxlywoPOUJMIgOIKzib7Hhj92nodeo3s2lZ5yzLMrnPjHZ3I2l-UYDhK791fhqzCu1-9OOPXSTwSSmw3qN-3a0Y_IdWbEfkXgNJONgmZHDsLQ4k0wozBxsUrpxs82szLTAzfNLJ42On5C1uExePSNGdTw98ihsgVWgKYZ7MN5qJROrOsSDnrIl0l6TarpOxRwo3uGZFR16Ms_TZnl3KrGjOHkD1eILNDVkjZ-59baymRMrt2OecumOy8AhNlOKeY1vsJaNTB7H8PxoBUgdh6CLt-n0UlRj1fZ9bjjuYAbnpSceVMGpJal6YiYUZz_G2u_A2vhnjL9D8upNI3UntRDjDqLfcEJW3uP_A8JkHA7awtRDliJ4l5tfKa9x1hOFDvxNUnsjudDHhIBIz9zr3CwcmPub90Mem6MJYvUYXVusDR32_LFirA0IhfEzKFJDcTb9MbnTJmbbSWf5M2aYAoIDUpF5aToX4Utg3hmk-QxKaKk11-BMAXLSPATieXqaKn6KsvCbuYN1F75L9O4E2Gy0AFeuchKakdO6McM0OE77wI9sIPERM7GaTqe-KHR71aLPQ1jEmZS5bcHmTMycFAN0yvT25tOTP_8A7JL7aTluj38IUERKYFhGFK8V9iJrRaQVMbNHNQ_Vl-McYMbxlsHMfZwLOWxvHKkuaKL9PXysBJcvutXPEGakeQkg6Up7-8EGWKNNG7Bw3SxSi-O8WOKQUHZvQST-bD6EvXp4feRS-aHj7eEdkwQmoYXRcP7OUxb63LrxogQIHAmn6T5kMJls5_FTHrmQKoXhfGg1g-D7W2zo1gkbG5piFcVvX38640b690LxKSxJlmu7PPqif16WLK_w4-stCCCuQAPRNzqZjoTE6WITLyE7g47-B5ikmYrbMAUyJ3VuhEK2UutPEjtEK408nyu7YKtf1CDZHM06EjU4KiThpDOlw3n0Ly-A-NTnqbqcENnFvDRjpPLpxmyJtIUOJ5g1m2e_p9Vzf_BYvNBarIgMjj9yL0A7HkbmVS135b4n-Tf2riJlWEQPY6-hz_6D_GlYGZ6TxC2QG5N4zc-7sWmIthSEKob9ggIz8_2fCep3gw-Fo0IDMVMIMFObL219_zsnyCXDKHBULxRv36BPGceKkoEbNLSLsOLo27n3SFBR1rcKqjYRKhL6AZ5gwvi_t3j9OdmE6Y7pf0OO6wAoaILWW0OEcIACOyne-OH_h8sDC8y13gsasPjhxClUgQ8rxT-sOASnIVNc62E3k5d61XggpE6Qot-Pm7cd9VhFk2q-_LM0iX8kFOm-F5bqck0S6i2Y2EO6x5nK7-y8xhbTm3e3WczQ8QfZ9_QnnmbATnM7EfeNUdyH5PdeM_oINjYWknwMC7uJiOn5mM6xFx9oxt7EolQs96M9nGdoI17RlpCl1J2_I8gYDxrUMrDC0bPSuxTsiSHPdayBLqeLw0-jvxt-mQcyFq0JPCAtDJglBSaZBxxIdLR6BHjJWJEvQTfxkxPoH-pgDbA7jPYYeIxUPjko5P84sTVSpl-urzEyn4o0Gg3Xm9rTZbWwUdzkaJTCCMotcb3uAXMgPTU0cewJmBxnMCR3rP0pR6_BE1cnNhUUZLDi5ZD6KE98BJhUySOx9cu_U6wEP950ASCy_p-hKuvrXOJjerAkkyML4T1RBC0jTqjoXa7339zxBHheZl6LmFKalofGRuJ4-0o7vrgKF95jAyUuc85-R1lHXweCnBGYMxiy1LdmDbtZazlrYPbTlKrUZICnkbQEfZg-IYUdP2yhB-dej-Rh0knA15Ci3NgmrQVaG2fBNBFwqaxiCh5x4WJgnHri9_gtnYEZNuTVw5m5Q94mxu-uybLMHrLGQfgW3hEjbt_9_K_FFaIJDsqW44oHuTSx-erGrv7cr1WnJIrVGEtAHyZrDrHvhKoLk0cBe4sh5gEuR4bTGqqeM0JwIhy7JCxxhrp0G2biL7HU-_wrB-rMdxYucxVTnNOPTNjb7iwALypOWhp38SFy8SuMwSvv92okTiDwJtBaaxbL01OakbR3Ss5uyt2Z_3jbP_twhzdSXnIhfIyOYwFPbhNLUHHipS1geuW-as-dLTex5vmX4pTflKDTGPqAosOqzimXAKzF6YtBc-hXvkMbRhRsOAp-JwKrEbwhOib7swJs6kU4qE-dDa8_saENtuMIBtAw75EFQrD49BrWFbs4UwGXRzrcoPqYo9kRCDwX53SiExatJ9LHr11QuN3hbnvStAV7hg10KLYHglbcWCSBnuJ5QjtookAeZBh_BCgort5tkW6Un0VHtdfGkt34GZVs67iQELN0LJ9xC3UYfeE-XrjyB4e6bdtfuNB7LbJfhLGh3ZCahGBeT7nDD7vIIyRYzJPIfAjdOWLyKx31MCgq92J48hHF6UOMbMIARS-F5eoyiiOdG4B6cJZhfaMmV1aUCHKF5IcSE-sxBDt1KO9CM2Wy3uJImHQQ5M0zHXgHIoRlM7ucN9i7U1JnYtwhtD48hNSkpJ8UEmCDCr9ETeYifV0KXhZX8yI-5Hyi3i9c0SXIM6M6o9Eiw7lQqV0mrK-acvLmAROeydhcIi2NcMf557NyYlaEBXMDDDkXcFBpVsJ5hmU5LOGoYMi7jZhZjcx1JRMls1Y7RV3TOgvngsVsQeCzwugMUd9Ee-jhq0bByNnl3KhhhPM_RhFOckAflTEqJrbT9hrDpglbK010XWCIF9TmoS6t1RVCSWNtLPZxLvu5IeTC00Jip1e_XeO4yyKMI4LcMzteBiLBfw5Wvkia3_M222Xf0jlrlbcHlQiIfErQU8FKmbxZBkCph8UJkXD4_mqTknVRWZjd31bxwojAUp5DtBzr9lvr-n59QmorHmgY8kKvwhJctOdX_A-7BlhxOZS-FVDfZMDO3jNPR6zgBmkfoH9MTgcybfnCQ9n5156ZCaefaxl9MxG471v80EjEhbTdRrXD8ruIi9_o2uD3Js526R30m24wNnpki0yfkkrZEq2O1AVzX1eAV9D8HDdpTeLz50BLO6f3UMeyotBDzQi-IjYYWBXZhQxPu4lEwvRKGpR4BMo8936UxRCBc9EXMlcX_ZlzD1k9Y-f_GuO1pswqpKIRiO4TxWGj8kHddSQxSJ2upMeXIQkO7CXQpdUa_LTFBwBdPl7ISr1-TkDSIz3tzxO5icKk1iuhh6jxWpsreYaFkcxFT-WEspEP_NT2eGcTJWLmK358T0pX0ngBDRevAPpDCR5Z34QjcJppvpaHnfVHeYvR3Itnw3SslcPozroNppA89XnGF6KejRIWKSaDBV-38f7CZ3mlpvErkf4YIc58uNZB-4kEeLJMgkUZGxpes9KCFBglTGZI0d7eMYHg2DQA&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=3779378467800955400&adk=3047537735&idt=197&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

09bd45fe01671fdad5a4001b58da114cc4fbcb80280268ff6ff3c2a55fc4b0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11852
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8F3 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9817522743924&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8F3 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9817522743924&version=m202307240101&ct=76&x=1&cor=16472897085382877000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E8F3 89 KB
37 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALbMdDoP3jdrn8SKeCI6xIewDhKtn_ukafplqnm6uke0cvFQYqNSaTYeiq0LH0oJjmN0aGir7VlQdwkZL1mVnJr94u2g&cry=1&dbm_d=AKAmf-DZyfWyEP4usTc8RPV4332u_fLS7cskooNlu5Mx98M9hIo0PMzQzk8yvPW_TBNeKrV07zDqe7d-52j5CODmpmB7f7XyL5ckE76328dehLlHphbUW_ZDKvUOsIKbBi5rgr-trxv-b2gt-D3WprOrv49umpo7wFWW0WTXQtxuQkoFUqkNAorMfXN99pblGVupEtgXQ_oYoZQX3Ic-Qgo1TqxDoX6-D9uk2SlAXJB9DxvHle1mhHO2I-PqYDVmZKvW261hMFsTTN5hfgncg_UmU9Cv9PvDK5drP6Onpo1lZoU7pz5Sr_fIjPF_pa35cZBvcThLRBytO8vfOCyfGgHW2vWEM8S0xovEuhCjjTmeoJOEv6pDIyuBU6GK96BCGSmtT-YF_yWCE_FnDkShco0y5AWwcv-LDlanZR-q5f0-nxLbvq1nAbhse-1iK6VNZC29cgn56xi6UgH0oF4TLHHm7BYSu6wvMbEzbZl7rmLdqtwQTPAegIMhEl477TEr6gkIMZJWGod5uEghm1NzZDPLftVNFZSvdlnmTu7ga9atEx4tsNacrzLg-IF8vk8rxgMGMdGwaOB2sZUtSlDiMhBs_Ue8vnLXU38lIpIPVxX1bsTO24sMG9pMNjeVJowaMwZQOPzjcx2axHde0MfdsGwLweTapzu1MUJZCQI10JMY67VYUJ3qS-DQNH4A4XrNX9Xz-PDPx4JmJMz4LsmS9bqI8ZtqdaSi7wI8PD2MV9Do-JZVTjiCJdF6PRtKL0IaRw3OYq_1iXqd6Zmyd9sE4YvrJnzhdEN99E4UfssfZuJ86fzF4R_4RYI7Wzjqkmb0dAOcVTUH3hQmSy7OmRPdKW-5RnGqmruwAcYo9KdJvKmLMB1hy2mfNHgtu9lj8WITNGFMKVwzB4cFVWoOvN4b0X5QWcsG4byPQkZl5ZGcuiMmzWhZS7HCAlUw21vzp0IUQwnLskWh3k-C7WiHhIvC-Y_O_rWQUsETZCFruRZQz3AH6C1lR0i7fyU0jajnqnDugor1it8-8osbqEhzT776cpSLKc5k0nPEsQ14A2QUZQucXUgVS8eG_BEeZCWdbfx37BWG8eIWVhSebAoNzJ4ZL9IN5QhawtQOzCI6hiU7lhK5NAZfb9VOgvlA5M_mYrWX2ysrxtdAKtwfBejOLc3fTNPORIMR-YsxoErNj4ZNQOcJiEpxX-Qq-uWAgtjNmA4GTfO6CN2m1vbxpHElReKOQfnlQHv363wXKLtf7dC6qsCYsa9b_VyLS_Yv2OKeT_OPZ0rX4Srd_uGTjO85baGXt2ZM2NeE1khCt27jLRJo2Bn2epV0CwoTQ1xHm7AxVKCzmQ1cDjRVsLqxDsllKAUb19fd8DIVSd-aq0Sy6zncc4cIHqsMTYJNOoodqadq1rM0fWmAArt6hzvARQ_bnBsbLNKWciEFUqUCrbK6GBDV4p8h2ozVw1v30KiAXdZEm2KTBeGe0lpAunlS2T1tvONCq1qL1ClFIHHvk8wgKniijAIw9JAO7yOT5u4WkfPAfKwVXOOS_MTi3V0DL1PdPeXhJdgkTamrAc9i9TCYvupDyQMEFZ9spMotth3Zfa8FTb_0xHNtKlIvsrsC_FbS7ZJkwvw2Dbj8cdPJd4zPbQBB7LgrtjcD4r8xngzlgJulHx3FxUBp_rieUjKQq9-PWWNlZ74fiXrAaexgWqj0vlT5E2KIpoFXLtvaiqTf5LM3Z_H6Exc1u7K2N1-KX1VrL-WeUQBc-Ne58mInQK6smGdJS-CK-kh_uj3Qprfw7GhnrFvn-T6MsIx4Uu1YYQAOaALKauhlTkMb-KEkDkdeJm-oqorYkPvaPs2nDmxfufetkApwLZL0AeVct7g8-zXobyYIThBf9MxnAQlTMwy-zw4kIOZC5hy1H-nNaw2SBAAadXHq2T7fVAaCVnBSYjLiiNRBb_74b63i3hG_XtjgW5okuxfEpmyB7q8QhOuAAac_JGsMR8mE5AIwYBXBnjU6a0k9uvb9JU706_RYx21bbBI16TNKgny6I6Ga-spfJCSdDPli19xUIbbskq9NDB65CINE0fvXOzB4hMKpuTTVAnRno6Zxy0rhH38Ul_FnjWNEB_PrHh70ovkI3B8Nfzkg4b2JBhRpwJvRaim_wJICPQpzlVI93oCasHoJ2iNtJ3kP8Aw24VAAS_qhk4b4pjoBnmShaZKRmncWgT9yQGm_wIdP25vO76hOnkPB2UK1H-8C7r3qYQedydcLuZsJTKykOIkJ2I84ofr2yMRAPK1vFaIs-WqO1krjHkLZTDuzHeAu3VaojSBKKhpv9Hze55r1rk9Ulpb6NC1JZYx7okn6Be6fwNY0UoB0vhL3ID64L05uJUPS5z199rC4MekEA5ID5J6y0Gem9O3YEeMtz9-ua2sa3IvToEywAD81dWGByRmyuCWqeL55jey0ES8g3gQcWXpr_QVPp7-G2QSvEbemU5IlviSeRTxKmZ3X4fLkl7kuL7tXWLkVf05kOlf6uWRVB3vFir9aliy46U59gZnol-6OqIYMbIwe5rGkcgOlAKvlhmdHxKQPb_HlaLn5k4KB1gi5aMdP0QeP3QcIFgkEvCoPQw1xl0EWBO6uDWLYsygaZ7GU6tmh_CwtuBDNBSBJ5U36PQ5jLdVKIyseu07ENS588nAh170jcHc1F39C_jXJlTlhgVW9ap1UP2MZP0NCXPNzNEsRW-_H9d2nKYiHKJgKMGXThbk6rGSdoFBkca_-DHMfF8fd-Go-neqbTAKMJInqimJbzS6TP8ogOF9SOUj8rWjUESeW0W4BlqoaPdYY4PC87cnRYBpNEnXJcb0jcd1pXKYr49aIyMSeNbxHbYYSTW1WRFq0JDsGV8JNfFoRdApH5ljMmhJ_6ZIG4k3Wj_SH_G9RtdM-MTW-pT8mRZwf_hHqexerHs0A9SffWJ7hXFWEVaqV4xA_c4XYyVzmK9i2t_xlrqeYvWtN2rHGJFpn5X2vz53igF3a1OnjmzKwVmLpIuCKjPLzMV2hGbuKE6LTfnBA1XrJvjTok1yvuuUG5-QVHmc3I6fGFNIciLXFVmdTDjh2nfPzQLX4j5bTjWYYiLafr-_6jQm1DFMMzFUf75kbFBwZY6nm429RUvSXjmVFNqhVqgN5e7pi-yseE0q-rLiOI5o_x25dTlQjXasZlasiYJSuTlzxCC53szvwn1gKBT1hoknw3gw_BwquLK8wG0nuwv9quVrKWYtUfiTjqU0KBSlEe31uxKlc15_RkKPd8JuSNypTUcZhEpD0k71sZ8B3v5QFDTjwc_UHLidD-1PjUDerMnaufHhxVwpjvSThSoo5dxOllRz24ao4RMILZWCOAVjmKdd0w0IWMwyH3RONIaT_k8jMLL4r55oh6BTqpyKkUDafvOonNr8o1Z7A-kxbnx1srGdHEBXseHxljGdsVWTd2v5PRvQknSZGp3YuRO1x8bP5PnVRJX5_RrAIUSMPhQE4d3LVUg&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=16472897085382877000&adk=2228999115&idt=200&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52c9cce79e8b2492b54a2e15d690b83ed90889fc04097321e041ccebe47d004f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37574
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7688 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4121644562631&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7688 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4121644562631&version=m202307240101&ct=77&x=1&cor=3521504422493596700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ad.doubleclick.net/dbm/ Frame 7688 16 KB
12 KB 100ms
55ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCyZM5kz8bPKUZvPiTVSoU_MHRaxailsvGyYVjGLCp19AR5Lrm5hditZxhe22Xp7HniGI1inL-jPQVaofVeHXd6Hacm9Ii7IyTDejjA_gr0H9wCaTKlPtWxEti22nWxR1oQN6LwOolB5KTGQjg-V50-5ZngtTI6QBQdfRfzyVk1EFQMhU&cry=1&dbm_d=AKAmf-DmwuiygmR9RWCoGrwda6yfi4_LizTqfkY3vlssr_3aqGW6-5rktanlVCKoqGP-t4RrS3iNpFQ9n28qrD28nyWlXyj-cAe5jvW-2-olMK3d7xFE75xQc3BztqiZK3jc2enNtJvImPQLoowpFidKUJ2XUbC0dUBL2j0XCaqhRbCipPxTcjPdTi257JKuV9DtL24uUg_InEMM7a8IN-Tp6-QE0BMfaew-IGEmLqh5OgRy38yFvc-KPdw_yNmLE5IM3idRch2r3SN3Q8ZFw0y8MKVxaA5WW6Cb5wD8Doh88v4Y70FbWLaWm5Dcd3JDghJRMW21h6k5Ysb3dROqUuRsctt1acJz6QJ4xErfTKZxk0g9Iue-yE7DqFFFcWqUu5Z90Namtm-wEPDTPT4DVSkuBiMGGSob460sQILvhmlSkrsLVHzNRmo6RK65NgNIIwxkN3xYP5y60wwlICjMetUWMq0eTZmKeBDMBfG750S29L8lIRGKk8CXgXGNJwhF_p_N58RTwurSBG07xYCo2t8DQUidQo395KaSbedLSF339dvvTzdrKfoqc4FmdPgGVQizJQ2i9GMhSR2Ls1_K-nkqgMIOAyhghggr5defoCWFLC9fJdiUuQNTESKweJazyEuBOXM2DVTiQntXPbK56VM7AQ0-2EOLEtINHM5TATWge9pLIBr1NWpVWtuDAKTaAe80csmmG3WR91-Gmpu5TEMHY_SXJCi-ZxgecCvdGG6uJs6ftKFbNszbTwB4xIRZ2kd3i8ksL2wjD640OKe_edhOly5j-2OxE4ckC2XSRO3A2X9PPxQl1qT2hk-roHFKCCFafxUDctlSqzH69VBUwIVn_CMO9tPHSixwTxMgMZBvtB7bCrJ_OTa6en0vTf1MvUmWDM7_xaPtudze2kSN7Yqc4g3cdKz9FGUNaIXCtWupFzmg4_kCdUp7u6zhdBvAs573GiFIULN1hRe5sth3jDAbexIFChO7J3wO6geHe2imOdKzqqvqEX4dSKMpkva0rG7wvTTGL8eRHApt8MZlRaLh9m3W6BArqZAcAWQUIQLoSfYEjeGGJHe7TR-1p4asKH4Rt2zzb7-_lyDJcxWL6HexJ_92GDcLRG7Hmbp8NeSDNQqmLTdUW069h_XIdec-PHL0iIh63m_VyGHnidDCbc2eU-iWdQBgcYzNisiHgRWkyQGp0jzmtVPYXgdWvflTpK1Z56iLUS5DCPhyxlMYxNFULMRm4KoFqp6P6PMhUjyGsKdRUNFyvMNw4v4xNEKTNCAvjGkIiquZO-t0w9tIeLsVFvGFybOLjVcxyNH7l_QGLUM0FuCOjjXBsH5oATSQYDM-E6PC9fVGEwvKPEhqaK4g50OHSx8b6z1r1cinQ01qRCZojgj0Kjz6ZJR2z0-7M6nbBbvQsr0pPsfDnw9tHJ8zROL_g8e2Z0I8AKYS_UzTewMU4TBXQeo4jUfkcdkDFalds7Z6ADyHUwbdhC5MF8xaGRA4EOdtmCIibC9xmZAIcgM0k7fsxIDi2x1f3340c5zli1_qpWulAxk5bb61l8DyQ1US08DAz07--WrzxxgGjWaloTigm2yupHbg6g5Fen4ivNb9tRNscGKztGgCdacJSCa3GnWagmo9TKGIp7mKEiXkj8np1gBnQ0fVal9_qFXXiAtiS9VyknuuerhQ2UReGY5LZyXarBcVVKZbbNb0arZ6_ymzvu7Sb7JzGRLmisMQnKDpTkny4lhVBKqv1Y8tOlfbyE3rwLeQ9PX-mrk7mhb1iZmCogCuZx6H9aPGMwuIHLEGRrFPkZ2ItPEjfQIv7NCDT3JBQJN6lOCnM8xpmbURYWCVptOdTR7dgx3KIu_ZK3LaRW1eXRCprZZbE7f5F0PIwf0_zudYybM_cOELAcs4exdXnlIQg3d9RSnS0D1zilOPaiBGD9xpSOCW2Y9PzbmMMnzZQ8NWk606bkDIkx31ZzllNYDO_e3CX9gZ9935ekQ4E6XNn2qk20XAcI_u8C_i2vsej91I9JTnhFsHdGjv_Gvc1SRg7EM8mmL8d1j7v06XUrNyCzYt8Tjt_emUX5As2uKqN-r9YVZ8PbdUySt1qaMuYcL0Q5IitQIzQ03KsqfhKhb0xDbWKTBvpBbKXZ9inE1yL2ZhdKDyfBAEBcHUV3JYNcpztOwElYDC9f_tZay5LiarNCUN-VR2E92R-gx91POl2-w8ZSP62c1nYTFotOMevEVTLdyF1Fpo8DRuE2a4Ho-CGYzG8Gr8GEngaCRay4rriO_5_EyHLRQYJFKOquEMmHADKp_cluPkCvaR8A-ksSUxUq_IVVGLI61cNwaYY7kx84ISdQ0TnulRR3hlN8WOJMgygdOomrOgMcdN2vJhzgqS1DI2i5wMwqENzgPRA-Vqol12VKR6SqLIk3zex8rQ-UUoC5YsfeChHdlgayAIrh5ddQnsaUXDwuKbskCvgN2_dXQs3nZMsRTbzNnCTRNslCzkkGlPUbUhAz1xTCwOd75a2pmQ7EDKdm8aUG2weXxt3pTO4zVa9o1iMLiLlA80RX9sgljgVrsirXhphtDc0WwaGYMLvTu_wVYb2Su-BAXAyQ9KLg8XmBtQyYQ5AoIXiZ5zFDpcfZ_gt-gBzm3ahTu5EI7apkc5TMDc3UNpzPdq997b0Abs5SQH74CPhn8ueSmgZ6SE124IEMqjWpmcZ_FKvx4Aa03jjxo60m5TkVKeBjsOUke77QUGelnXHep6KfKOUm-0BColOkHzwxMHOml7_qeOqEpZ7KCE0-j0NA0hSawMDDOGalBTeL1ZBE6XfYYjn6Um5x6sqNqECrFGkirzBXe0FBq1xAtRU0y8buOEuw-EkIohJpB0EtbBZqTGpUSaA64gLONIbu4YhX5BDQDJhGbe-q42zHYH3yEgNFEnI8qMmN69pG8ONY8t34VZfHpm-VPqSDCK8R-FLZmmB2ax6iOBSiG3XN6ATC8dKYgnavJj6hJsDBZs4W_yX_Z717cA3SVzo-OkmzmtOEIu9iV1WzQIvRIqUq2I57MIVqxw2YwG6dquC6y_hf-BljRAl28-UCElgDCT_9gg-WpjzWzWt7yAqAFok3-GKIYMKq-Xz5ObmyXJTBV05gT76XbjE78zK5v857EOGgiGy5WEzJkAbJI_vmXDfgMWriOEv41rhQQ5nuM9fR43uDck3rry3X7TNcPh0wwhQJ-hMib3GadfImA7EgR0rZRnAa6FUMWBk0PBm63W9sWlHYqO1eU5yGEJmfQ8XkrCvBtVluQY78wecoa8Np7S5TOtWcL15ZwS2SSQYCON6Dj4f4ketkYpTqjDKeI7d3XV9swb95D7D698s1Unzcg2PD_8-gLfQ7y0IRjNTT_9HqoRXw2pQJ4M1P2S8Oakgj7qLZcQd_IEPKfDLccfP3Jn3T9Ibm1DNSTtvBtX1Ca77SEaGrYtvcTDIGZ5iAXrFbR7ESKUu97ktBTQflR0P-riL68vLRcHLL9tLAe_p_JbmppW0WiMlTmReKSZ0-jgFbFUSz1AOB6whyhTIc-CqNyf_LxgP0soZL8mD-1kN6KNXtkIAB-S3RoeRLz7ZxQ7yMfvXA5_gKSb0k0ASLQdOK3wuIi3Kb4tO1deGPkVaWz2HLIMhp_5lCAtu5dR-u9MIhqQWHNispcuPIRqBXgdrup9D0AxfcWk3TZ5c9tZD40sF_44VfshZg5Tk7bB2Gxj-MDvXdMY2nIGbqkVmB1pwSV7Jh-8Iq8Lq3MNFKaDXwiLQz1xr-V_Kfu9BHjC1CgSFz0R40SQCQDb8JiqmSf6DX8CZKw6zZu7Z7Qbc6oSmthCqkqVHdzwz0WpBorbubRtNR-OfrRwKGAZdXnqmATkG2u-0qh2LIH9Wqn1ywsZD6KFpe5JTnvFVIbPYFTMpVfJVciWNV0OmcYbZqSu&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=3521504422493596700&adk=250412560&idt=208&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

5826144799f647b4f1074a120ca360fbc54b415d6303548debc5b3d6f9626f5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11980
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B15F 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6768757827329&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B15F 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6768757827329&version=m202307240101&ct=76&x=1&cor=7859409463556102000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B15F 88 KB
37 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHYxGAq0MxShmciMw_eGqbwvRCgBQ6cechZDtJnGFgEuuDymcPvkjxukkeCHlOIrc-yaaL2wY0djCzFX8uSyKZCqdWiQ&cry=1&dbm_d=AKAmf-C-gjCrOVAwzcaz_JcDuAP1mR6A4aFK4Fko9QR-A5-JP_Yj_DopBMHS6iUamvyaQJxOSH3Yej2WlIOWTYj35LLSUNtXIJ_jEo0TQ9L7j_EiZpjiBnSIz2S_OYqa-E4kpStszgP8eo5rVsCqXhz-xxhaliiv4SvpJ_wAnvp5Ol3BMRdsou0XqyZoFKgTLSMK2pqKpkKheiuu93lHXMrp1M53u72EZALblpGT0_uOtFDNu25l1tI0eJfRR-KFC5bxHpG91-cWXnR1T6hnCmJi6LDoXsKKNGimZpgnvFqc_0THJuViENzEqMcZ42lcMmSNG6UcodjueAM2RKSD2QKZNAoPktjLNkV29VvnRpN7Jty4hS4fcWqb52DN7FPO_fSdFbJNVpvU5OYzZ-jZYKLThaPnVbVFn9N4i_2R-3GlRiXjT6dTeLcQqviephv7O8PagM-2NWlGrdklK80J1Vpf5V6hW2VIRVInLgHhZuqsxpDPhV-dFP9sM-m4jSdA_XcEa_tVVPzb3qoZdIb5fN7wYRMq1BDc-YKwYFYfNSfHUTAsrxHPgkN8gEw1NqhvxylXuZq_Ua53EBIoPZB1oI3nins58Gvghh89cfdCY1bLEggFKlek1VuxJH4BsrvepwwC912BhWdugncOGc4l-_c8fgxFTwujfeR2eSkv_wKak7RfpHI7LgCbJyU5XdoGf3TECEX0p2KhlerKcWLlTxMaixCiHs6bbiNCWglXM5kRyhGF4cfnJhHRn_bnktY28A6pSs_ZNI4oaK1Yy7YOQ8buDNiMltdxpmqHiq0UgL3ip_0T1hL6EI5EbrcO55FTYVvVgIsfiDUISpnOf3TwMdmqZRho5anSuSs-sNPQ0pp19Za-KzyfSwlkCqFZiZVsLMy2OWsp7m47P-jv7k07ii0MALX6ER3qWzjHXn6N8CjY1gjVa8QkaDlwLyzEi1Xm755ZVsJelZpDuzQkfgeMYKodGXN-2TwwQnm1nPXyiAkomsafwwTTk2X495aEamIUpChfoSh16w0EBbSFDqMqxxRjI9_EXE4E9tdIQqdgJGFeJsaPP7KVa-MiKA-aDqyJo0mNNybuXuBEDKzVcY34wCOo_01yJdM2-i80kORaflcNnRqcK2RLrRVVHFkZ7C9ttxdhxca7ISAuTHiOCoukcFL1veR1rSX8wHfsPFidHj1YzX0gQaA0_d-eBp3mCrCcbvz9f1O7KOH442W84i9AZutWWeHPUa5wgXF9IGyhPLHPPd5jPEWGi46I6EOQgwvu0Akt9zD8MLU7rEJJn-9wc4WibHJmraH_XR_IOD2aVbBMW_8ZUsEJcZTzCk4-b3eat_payVQi18KTe5t9Q7kcTujAn4WiRXJ2sJcTkQsrPuTd9ZLC71QQM8a0fbtIefm3nbPx8R6Ef1qAYPEMPQB7pxPx1ojhXQeGlTbD2RNif5aCOZ1AoTeBbzcxixltvT47izo7orLIoO-tspHBxTc9IAYpz3T-IH5-NEhh1nB5GB2AQHrwZGmLXd2do-WK-IHf05qxxSMX6djl4D__UVgZu6SLhI95UiiVb7m4s7T6lfvWI6cUsARXfCDFx7U9o1pOr6_aj8Sfa2_M403ZJ9kc53mEcOaEEoaxlYwlsKvlopEFd3WzyQ3-COJTth1LHS1XI3wI6ORf984E8is0fhDSIsYQcFKzhJJ34pLtq0yBOcgT8xMXU0SX3ANkrK7Ho7UXU1RDks6g-MTOWUqGOBCDaYkJwu5fr_vjwPTHkgcXZvpGhKkqsldnoNJs2wF0vHk-5kUoVW-f6KMpZpcO952_7P_kpZoN9JyxiT97lMuSNL8MWvcfhDKYFY3NYId1dYX4JZl770kHdTvopR97ZNdmvfO7mSRU8etixIYbZFTXY9gqN-p_k1vJx0Y3EzZ7x2IBiQzZZAzzXkiRBFbClDOw_ykLrBjIdRZHiaEmmzSY6sVYMmUngpmhnXtZve6xkyr-NRWL83l1YfKG4T0Z_PT2E7k1l6piLcWLzePNit1o0iOtWt3SYb6DkYPMmpNNBHvjmK3bvSlQzZdbrwrqmgn6RoNpom4glUq6x4OiQoWDswJGzJGUD_7XraZjNdrhWQDGQPWpyW9PhHYEL-vBxXWg6VfGNfLNQytZbFixZt-Dqe-ME1BgsLeERxVd99fYKpBi5I0JuGCRRQTR43q_8eFrPwYzVr3EXcmKachIv3M9toIeH5E7vV0e6LfveEKVoUWt7kAm34YbwBTZ_sfONPyeTWSukao1YdWDzdzkm3JlE-uQhpjK4ED3zKu7dzc98XSOzCqYXoAoHnsG8fEBdh_PP-y4DjaAbHxj7742l6y_6XpuFW7nnslfxp-nJjb6-EiUGx1gFd7J7NTCm_ZqbPFUt1fTS6oT4TiVRqdQRyKs1nfrZB01cc31PGEmMZ2u3X4EH50SLAlzUgcpahCUbk6PNrDoGqZPPpSpZYW3gkn1e0arVOLp_Jb92f2ltF39j5N0-BeY8mHagt4U9COL4WUGx0Bt_WIuOh93kxQILlA12fJV6bHPLJH1Zgk6KgyTmHfsukBhtGN4TCVsbXhW1UEAyTghARUX40QLPvwhI7r_a_y_rtqrT1-kdRtBnu8iuMZ_-tvMw1JSVnyIdaZOW4awtSlt8SyZkS1pLiKgR-JD-rHKZDZYLd4cB_h2orxDfG2e5Gop5H5vNY3wDYYgqCy_0RlAUZXr5edxu6CAQP8WGpK7leAC9RV64gtCFGRCwFptInPBVwNfd-rIE9A_MTBpZlvNoyWwE6AYEfwCchFiAmOwpJIN1PVKypg-xr2wXkWAEuKapjW5_qOCjrjIIgrWkFa98l92Xoc0-SyDFpWOT_ldWsdFnWNGlXyg8ERbtSuXs01ubR71f6HD_-nZAGkGHFmBUIxuglx_WOaOSdfI0cLjXVA1b6nvToizeD3A47NASI30-HTUScREXthQX-b7R5NWIOZQQMzURAKAp2GfHq660ljo0BOiv7sjfSDtKLIbY_mgzm518Wr5GAbgFIokZ8syDHsCLzoBfTeSOJ-z6GQ8hcOSzVwC1jM5GLjnPL6nfi1dXE6g2ZqihPSK2V15LPeY9lSJ20GobCLkXjndtMeZEiDTyb6eukDtgDQLEWZRdSndxcheQR3ESejzHFUF_hKpAAvJoNljcmYOppzR2jJdNRRiYgI8DIBpiuNUDqB8oqW6Jxc_XvnGkLCENRFs4Y9L9ESo-_QM4k7UDRxaxsgKr5PMzgX19zW60pTHG7KPUJ9LOdSbC6EawzbB5epy1Bo-WGLeSKu3jOB5LUUlOISfb2iZTiHF-9KsK8iVnRY7V1oooeDoh-jlkgKoDUmdfgXYUVpd3ssKLhMTv63X1xx6H-GlIoQ0WJ3WeDTwAB4OQwvaO-RMYLucvWXCGOdy4KNWsKYfF58w067S9ngnSByDSchsngYe-BczkV142QPRq1l_4zXa4Wq-&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=7859409463556102000&adk=1877897943&idt=183&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09ee3a9ec1bb979ad643c44d4f4f66db3b59f63ab033efa6f47963f408ae9420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37567
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E2 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4032840779210&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E2 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4032840779210&version=m202307240101&ct=77&x=1&cor=841462217446813000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
ad.doubleclick.net/dbm/ Frame E7E2 16 KB
12 KB 99ms
73ms Script
text/javascript 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-Yev28Yl4S5Wd52yt3OJdgy72EfZ_dOx6akZOGc7ejTm35ASgNUky_6veXZBhRwWqqls6jYTRipCqCsmnhi6hXMxfIrAt7Ax_OfDR4RNefKA9M4HRV0103bhLO_HNkfQY8dwvYRc5MGuUHDINwt1wxVdO3e7fPVHOPF5TTtA5pG171As&cry=1&dbm_d=AKAmf-DEf94v-i-GIugyKEkpiBW4cR0Cl4FJZTnFym3op9DaSpzPdakPH5IZ-SSGnSMEsnHCpRZta_IoiGfMPY5XlYkt2OP-KXcGRVQoCXJIsl-t1DxuJB37wG46-Ead_NDMF2qKgjY1QSyWhoNnkAXO-qAp9VCA9l3-m--JTIWS7CBvup_0fC9S5Iqac3NkwuI-9NdHtSQJ0SCpJLsExvBU_f3XR03crdk5k24UPTVmZo9Sf0w53TTkIlsiq_8sxUSdM_cXAa8w0_a3e194fD-0bovWFX29G5C_1KGfvOM-QhHGg0ZMYYMdsrg9lXVgfbX0vBiJdmfkPsysr3nNZQNxShUHNgxJX_HOpom2X2L1NW3hz_EzXw-Vt-j--B5mpy62fidBVT2xSRZZ7ArJ00aQFL-cJFJDjf4PQggdvBmNiuazYJLY31AkZFwpKymgc5ud7iUa2jRBBm8ZG9WsCQU-VfnwQMB8wNCJYEGCgZYkhTUOgtQrPNnlSdS6XeUb1g3thqSh4lGpMac_obxVKPS2n9NkxhHsktayR9JSfxtLRe53Po6xybbssrIKN7kzwlGeYA9s1vWNf43-LU5MKpEN9vf74vtTeEJmXJVRHoOSyJGqs6-Q69DGkXM62Dj-0WrATWju8867mpCRaXZGdTIE4_-S-esu6_eEY6dP_bJj__u6sw_gzfX1TWEjJ-RNfEv5PFkLDIZ4ns-EaBi3lcPtH1OgaIlvjxVmZcE7UEfCIEaFoil1Zz-eXbVQ296zZcOAbsmsoIJMUF5kjwovhianpHSY5l6cyhFkfjxDjcFYjcsGJ6IBBE-rlAxgwwFoUU2Hc3HW9mq5nDU2L6b3ZE7Nh9g17qXj7DK5THfHm5w0uf3GXDwR_fgzQpBcsloCYkIiavGf2FUwG8fwZKaygCQN2OtTXJWXaMBPotUjtl604UDlKMx8zj6JNmQXqJfbqlfh-5CoDndo75X8c_ujZBtCpETDD5u-WiEDlsNG5jTXSGZtP0xLDG9IINlk-SahXfH0TtqpnI0mF5wtfhw5wSuRra3N6gGVxkE-kuxUO-Ht9BsD-MlO2No3fyrlsg2WBs3a-8M7t8GeC5Pts00Fbu2sPO-o-LCqem-ICY_JJrrC_zpkDWRqOPuzbtQ7rdB7wmFjY_yPOVfJEeAytVqduS_bVZ6t-PIegyxWRy66rtyPtcQfHe5QKkqcn2IVmo9rYMALAOC7IBcJ649QtpO1L_jREBloiRbC_Smld5h5maUe2LsDLyPX01hZ99yz9G4CjEGdAQzQZ7AsyEZzMVkn0DewGTnVVbX593RhwNRrjO5DpxfT3s_Yf7ZTl2jv_W833DO12LS6qY7fCSeHI5B5ZWaRHSy_Gg5p9DhplROFbxXIwm8zLNLI0Ip9qJg4itxPyh4EEB2lLEGnFmh85FQkjUPmG-Bd9nm_ot3MjZSgusn1UUNjJGbWDeeFHpbM5lkPfRuZ1e5Nnuc-hrB3gEekNFrJTCgr7kRuW3KlDZRc-Gq_5LuZtN2kBHiXwoyk4CuLqrIPyDkbB3w5Boz0TRWc77i0NwPlZyNy5qOaQ_OIb3PqJ2vOKcACwCiTUtXj1zC_kRvZjHbIfFadyeon247GcNLRVXKDuWyRhGR4yg3TzN3C3ehxUiau4T8sTUav1t5U7pA7UwUMQfmHYlI19HWT3IjRJA67IV-WgqaClWEOiHxDFeCPByBWxRqtDBRaYCKOnPOvZH3KFqQ-bQz4PghAKzNfWQlTg5uLYy84QKLKkCYWvATsROeAD3ffSuMeObntgtcSvzfAhC5azUsDTjRq2qpw5XG55mvSh262s3r3VOboKJ7x1RhPP40-GD-cDgtIEQ_0cjIwcUnTZZ6kND7564m332UuVwfdhiHsHNICOy-vNwRBybQa3zhRnpmSAznA_QYqeupRbJ6BVIo97aaQaVyb_utT35K0UK4AcwEfoHv9pgrmerAaL7JT6VY9QOYcbQIDPqUpL-SHeGBus6WTHP4-jll02tbuY1MhXdpqF0mqP3T8Ui-vjAe9oWBURd8owYfcUx_V6zaSFfWMstEQED8vk1Nq3Op1o81LwSSTmCMtmOTVzica5MQa0ehRM5potkzq7BQCxCHC42sR6UeIacjFhJAh2uEnnRYVIFbfbzzoE3s9y5CGWKia9VJXZZa-QFbMIzLsZ3k6MpYUo6Hm0NDgW4pio2txaIK0SnEjZafLqjU6ZL9CaJhAJTCcMzkV6Aapw_djusOG1UI_V-3eVzwykjMo9vugPsMa8akUigAuRa78FEU-AOCdnZc41Yao8Kbe6rAuJZRW3vsE19f0Rz-7EhWmsUO50Pc9aIlFZzzul6q5DF7FG4S1t9bSJBqXQliDNz8YTDf1_wm-Z-1uEsqmrK0pZfXwbpBMXv0WpQ6JTUBGaOJVQ32dMFIckj2cjCHvZolEKbPFSt5D7fx5tQrgnQ16FdCMP2GzZBzG9o1MHUCugzRZRTBFNVZcoz9eKoaI4kbMDLuduamh_6vE1zWXrKRRNq-bIP_NwX5dlXOylpq7Wyv_chHqjjf8-PifcepTiPW2FjVF_lnN7hTtNNlqNIM3DLBHMSgNdN7qn9dTz6ICv87qz3ppjb4w9heIEh5-nhBRj4MyNmfmsMsDsigyebPubnda95HrABE-9QNxTtQmJTY_1_Rcvt1FiParHtFK_1HiyGBTictcZK2yugTUwY6Hr6UlP7MHj4xavdY9QO__R91W7z5UAKVnUIRTGHUbgQ9jna5hDsUyaLhG7L2JKHy6ER4e04cvQlIAFRv7rz56IFSbuP_R9ZvqaHSsk0GcRKHV6hujUD8KXuzbLAEvfZLsXX8cu24f9GwuybDnH2P72oW5labgnMRxBKvo4liQOzXtChZLK6J3oiJUz3tejmv1VPIGFeoS84in_DkFwnJlMMZpDvcSJO8RS5CnlKpYxKEuBt5dtCsYu6Ity6InBES3OMusmPDQoCa_L3JaKfaUJ1ld33ykDnpCmLm4igiZlyzuxECIY0F4EZqdW4fhY9cESamfPA0QRRUbzz8cpQ1ILxukpNQx5PKhDuqTRJ6mE-Y2dZGUgzWPV4OPyIvE_fRaOsXN0QXeCD3ro_SVyau-ynxE-9-czGP4lpk86JPQhTnExzzpwbZlNU_wgFjvN86Rh_de8YUw8-sBqBpcCbRmziYBTvverjHHlUfjLK_uxTovuborMQtSPmPhfo1GN2n2mQ3qSUukaBNIzZVU1fsST6ysxneiibga1ho_ROIzeIZgeGix_sQumsX_JElU6Pu__2ZPfgAOyXs_j4EsYo_kQ4CUgrinjR4iXz6XMKcj8-YhLEtPbulcjtCngqncCBIPulsX21cwIxkyYZi1HOAn56Z67q6s-tDhRg3t_9SrUaGuiAN9_chqzv7qTiGt1co0cXj9oNyw0Br0HDqOoOopdnF2zHqdvOOwLWMaZhxMH0LOJrT5ARhUlyzUNIfekNpBaf7_Pkd_5cqGLbTrkGemi9hDYmtruIbz4PCVYbNSHmn-fKvmT1dHjzlbeRkHG_rQXOHhnBEZGEoanP9yIlERa8CStFdEcnf2qtOVah0QTVZ-5Nf97lyLEKkctROZPUWjThVV0MHaxnKp5ceyP7GhtPHr9VU9Q_l1gKQiCXa0wg9FiDdRq-L1fIiiMP9QnQWSPPXNcM2N_4knnOeUdLEsvxbLyT1B3_zwqFsBdfiszHwoIvW7BpRb_QZYdaPKFmH-bbm8U9zqWttiud57e2FxboS5M9QwbH2olv9WzUutGhFF6dSBxkmEce5OtGz6ST-leVytdUt9VaWnnCdt5B7MGVTBXJsWCqDjQZoLer55P8sLtQC6QqzACViKv5FSzvQHLeXMXRjAQtBI8woMBBRt77CFJ7NleZpDNPvH3QEOSTWhlzwm&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=841462217446813000&adk=2086295851&idt=212&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

5e7128eb745beeb6c800cafadeac31b112d017d0ff67b5536a2316d4e3781b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11860
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4405 111 KB
39 KB 49ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Origin: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 4405 11 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJHQjRNGHB5fNAmFn_0_rgrut5OcFuzzAwkR2N_mhOuvZ2LLwBjraaM122Rp8L7LzmN_kuHB9HsV-x7UeOQ0w3kBzDnQ&cry=1&dbm_d=AKAmf-D6vQmij63ryvH3fxLPE9sMtZVOKi320TH1Khf2wGgwFDxAsQEOEbtboBNTQprBbUrV6oGr19Muwv5DWYOytIIlPk-wxHEe8dMQueajIdYWuoqGFc7LRW2uJaajM_iuPPWugEh0AD_LdRYIAolnO0Fjz2wJXQrtaLbqpkqk7dRcivzviHWoTPi3pL-znS4-aieVN1xMvAMsqrzHI_VXK0tQf6WA5iovugWs_Y05etCRCXvCEF-ejr5engjNSl8WA3nXfZg_Gy_wEuKeMHXTXQLRjJc2E03dZVXrmgekerrKSAv1VimznaYAyWVUGdVrQZOKzs-uQjGacvwYJ15_TKDK-g9Qp_7004w33M6ZmfOFNwd_3FuW6dQkg0-fXeolKuQ1F_yvXexmWCb9NtUwelVYMDt4kjO-8zBU261tGyZfPHeep9U1qO5LGJTkXhSb9DCWruBEqY3AqbDKU_NEjL2nWMHqwYTSBWTT3jkP78caB1iytuPY_g08QSUTtjA9DGdKu94vrkZQbGB9VwvSELwUVWgH_siScjryGBfGuk1od9p9UNAB7pykJEUHuW4bU-wxmeL6d0DwCjCsSd-BYm-Qm-nAGCnsKIaNdUsZOdfj6qK2YnLf22VrO8wTI2ia-OxVW9NbWTTrlJxdQcnT4nUkByvrkMxRiE6tGXsskqXBT3IgNwrEgQcy4xRfy3x1-Ad6zCjq1_WbFG_to5Xm3ZKvXdGxnm4EvHNKUBoLraRT49qZObivQCz9PnmxM_XUPlBgZDlw85pvYpRRkXByg82C-wL6ftrZ7fpB4GGN2fZEDuTQGUj5mEezQg1jblyvtlKxEcD-Bvysj1Ry86ebEymBN-GPmb8l9w1AFf-LrR1A1gttMoJdLbEC049L6Y25Z2w7SYXY5eb7H0ZsMHBkqLA1QS1plhuKvuv_FkYOZMX5SEbX3nqaYFFPTBVv143di7h3JZmQ2E7edD7Poi0cklRnAFJD9UIdfIaiMytBiZ9JcRnHqPZV19uwsAzJkEf2bFRGnXl3JYHyUiC5r052FAkT4ZbfHzNRn4b-lWjdwt4xtUiuyU0FBpLfwZNS14qsrqUMKQpLy3ho2hKd52pwWmZfzlLFDRciF7NBG7T8Oc_p0n-sOpTu_B7KtbWSepK_bNIiYyQU-Pk2qq4BsdWGC_vGp4gU5FGUUFHLMRMiGtwh0lnC77g5-dWIY7VipmRwHgSh4jhTTSyUinMiLLjfzhSTPI7bBTbcpJp1-qIO-AHnY53pUuGQaw8XuRcNBFXPgH_CsyEb2v0PWbt7l0F6v9GK9yoRMRsSXvpSXcuDcm8fhgphH5ETj40VjYiS6ZcgJeDautKzGLn3b7r_bbVIlUF25Oo-qL5_3klA9kySR6nNr2fszKlEfivwu8dA3fzekXwc-K0crZ8aH0s26ZZYUpehEIR0TJ6iWHXJfyG9_fi7J-EjW8tWDHGWPekmok0P7bXrhG9Dd2qxcGyOYkuhh-9Ml0tGRJbtyDp2AmRtarrjXRAlhPJJUM_uGD_b_xrNfTfoNwopW-pfj-FEQ0jOCT9alClQ7l6gWFEzGkD56z-Mkq1A2bp2ehXOpYSgqKlRHwR9j4iixCzQoPR7G3H4mrpuMUvxp5iGRXKXiPQuO6atONFWyap7Xf-ezMIF_6cTAwTUF9fXqRTLs1f_GPNFZh4HcX2rtdkkzVn_GJiZ6bq1oxmO0KZXq0HXCsOzPyIfEdDIgso_EzFwsZILx9yAM1XGmgjrEILEK2oUmdqfo-DOBh5piPVLt3h6U-ppsLFYXAwRwCqAQQmG9FTx2aixechxLERntC-XMFjxGzC-YsOpqzGBqJwnrFF6Iv84CzUrE-ilCrBq9VvRBOGne7h3oW-VD-EUJGb7zgsuPLew8aE8GcEUAYyRZDPlZJ_zbZazGeb5aR49-nrMhrSdiAMzxnHc1rcmqe6cLSOHRCDRRbG3-AL8ew7VY9iOKp-9vnC2zGec8O8yvjx2_Pwy05Zssgcf7Ej3uHJh7S8TgWxMTZP-c9TXsN9MwZfsA3eBZU8tdmcqF8BT4qF1DYvmLxf-aJvkLTBn8K7Es38YxGLzkRICpTN7OzcE37KBgIoi3yzAjhli8BHfKMIZbkTB8nOPCUZVTyPfHWdyOUtAz-zhAyqlTUc2cLO7et2eFprLAUjhNtlsc4fQnSu3Qvb5puFOZb3H0VS6qFu32g20ERoo8Ac3vsczamCX0k5wYF0x40DpFlqBRG2Q2xeT7JzSfcdqgP6e6BgSDvZbP_3Ja_dN0CM7Zi4M_89HCvHsBjoBybeKFgBsDdp9RcruTvUbIXjC3HW5pq0o1RYZ6OMQACP9OrUjXRo782zZNRypgRVqnXhaXuFQRJUMypOlIYZNUVuq1pFifkA6YaAVSJccQBrVgfLIKKh0ATn1dM6lG5Et72CE1hUY0aElMi0ZGRc-4N05xNvW0JcNj2dFaaqR6JhZc44XExhGi_qbSKIvNzL4ir3ikZZHbkxoEAWOLQKYluzV7uviYymyymmAkGH1U7omkdJWsb7AacZrjzJgCskbt7m_1XRZM0uESsLqVWHqW4sJTZBxy7iVigaP0Y3GawFeY4kSJRmtzfMD5hCY68XOENOpxoWSD4_vehgM7SpJm2OCCXAKPdpZnZQL0F_WD4-bOZg9M0iqcrSoq5elkEf96oFToMiw0TFDXDXoeNL3lorbToSG4cd2jSOFmCBQXLEUqklvAaCLzxWqoe27Hrb_nLY3NrfVnpJBJoCP9wdg2E5pgFK3A-PcMauiiu1EgQgiFpSMlKM9tWZ9bUGXs6BiL91VOE2Xc22hCFQv-dNR_PkB-q1OrAlNlEvaRzi-fnwdLgQyPxQfSNQA9IP9LoGQWp_ayEN_fsUf9FmrytE7SmkL8hoeyDcCfjFocLUGii9u-rpN7I2_HZBpvYWKar2T9N6-Z3wt8I-p7dcPVRvxy-p6e2goOMpkacrl1T3kKTofhqqioXlSGzxGv8rkj7cG3T9lUjKdkhjTs4aqWk53y3QYoTGyHdkc8in0HS1zG-MaUlakNM6wKZMXJQBth0dcNFUM2kj6aBW7p7c_pITx0z68agQnV4Bk5ZdJJT_cCO-MazSZiWUipJvXQ5dl9G6GhBPhRvBXwjFhV3DwxvRF4j86fvLzMW_E-b1q7lf3-6buktrJU1eNj1jKnQiG_O0npu4_vP4DwVJcEBQ5vz08TvgL1Bl4u-Qvem0ge7ypc7WdCZPmzJqSv72HuaJDKLKwXk4AMslFkDwcMXS557Wkjde40iJF--axpYMi9t0q8uIjcYNR1nZiKMEoqAVCQMVyA-wTZdZvBnfCF93fHETsa4azbJ3jn41dE6UgxaG1LvSpqPI9fxVcxX2dqYy3FX_Abh1UCz2mhTY-89AhvkWTq7fgz979MfxJCM43PNYtRSsMpCLJSVHU8s036o1s9hK8SytS3gJ9lgjn&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=1149130399373311000&adk=1964084972&idt=108&cac=0&dtd=43

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:23:32 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 4405 30 KB
11 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4405 41 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
DATA 200
OK truncated
/ Frame 4405 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f66644120c585bde10c2f1f1a08c67b198d772267d1e40c0f291b39e830f86b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B7F5 111 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Origin: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame B7F5 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALQHm8yGzV0nCfCixpiWZcirlZRKPLCtBb6e49LGtrr-9ZNS9PkPzO1CsRbL4fp63vFaboArpWNOf2TUqKy5IDUL82xw&cry=1&dbm_d=AKAmf-A-Gw6tqvYd58H-mAN2NKXwhzHcbQfvDm0Et9Ytr0ucwkKhjl8P2FH3ua4pZ1tkYotV1Oh0aBK85n2CcjxLBanBO7o-99I-bmR411FDRY07nXf1c0P-eWVOeHZtVQ26k2QPBvkEiMkFED6sUqxLLaednGc621nBa7ghH2m_3XIPLyQYjgsesWDgw4bZpckS9rzeTynvArBCaFb1ma-khN2k7wFLKV34PNAfp0cHEUqYg8cWRae4ysgLh2_oR508oBacEJxdSEalrN4JSRNAVEOyMfcKVVrS2bNWZsuQksfA5sCU36BnY9i-YN8o52UqFqCWox2mMf2kH31XhPn2zrgkuLolNQJg4rMjSIWCaTO2o2GC42ECdBOkPvIMbrkzMMPEVGQkeXUZZF0VHRoXrmaQSvHn_YT4INplIsKzGIziknxk-IC0dW7ROBpFfXp4MMKh-Tlm88MYHTMYBdok1HaZuD38c7BIavd9YmzT-t1se0x60WQo3POkemD5B4v-sby6eVEn21DsLwIw1Q9xAZcim46lw5gWxZ6PicHFz-OFSkwuUXQOHbtHqmLJ3_rjV35WmQFZjShIwwyTXRviYRLgAVsWSU2n7YnVFWlFE67cp71xpP8rYXyLpTWW7KAZG3tFT2peP3VdmezXmdajOXLVcCaLiM6NunDPDXZUnmP-mThimZ2krUkpx3RHPGi4gJZoQb7EvPmgigbgh1oTIkzqqjYJApXST3n-qLCxM2xIHzuLu3l64I4TDjVjZI5DBMmuURybEbIAifPVg2NR_faS_BLjkBR66FFb0YOtnb17yLsr4pkBUbry25Yh-RFXxgR5J1FbEzic6fgA8TWEKp5SLncOpC11oAmupl-fYTPHpUGp0zRwn_ksAUR_p8bHuPFki8FnB_f_LwCULSiDof77A2u9iEVsgr8-CJCTY8dD7JZAlgMsdZ5g5zQbVG0kscoqcpa2G5ND5SUvxNEiLATue2cdlVjNWiS4MeCNk1IrO0DdjbJB_KxHti3MdHJOD26l5_GHc8UFI5KlDA9TI4QfpUrgazN84EQ_h7U0YruqXgUdn2xj7sPn91eOI2L7GuSpuVJzimR_sKmehdXJXZ2_byQOsZogbVI3EaACDs74IeYmQafXVY9vIqxunbUSVTlVIziWAjrF7AuUlzBLtjWLKrBH7lJ5nmJX2-FS2hsITeASwEjLSkl2nIqzSbtKLT5lZuY5_O3VFv49Af5Vo3zBN5dAPpXeaCR6sj0l5PV9KLdFDDNfspMXzcvksY-g20idvDuC1xsbE64zdW_wLMpEEVEndI77hUv3YKjAEHtyFAQYphqacMghHAIeAKfEk8d7OpdcECwQx6Nwwgn27_thBpXczWcHuABqphieMSehhjZlOLytxbHgFysaaKSN1c9GIsK-y_Jh9T6RfNUsu77VzhjhrVoFEKst6RtAgL_avxwY3JPiXTBAr_pr-GYVLoB0ZbulZoicqspGnOWH5jiR0YO652YLhjKyf7BC0fu5wuZcPwsKJu8XIkdRhi5rwE6DU0lGlQm217KML-QjDSR_dwEPDmLRlpYXPumcqFc77yXmrhEqt0LKPvn6FfD_BPDxz_F6jNZpbYqkI5RrLx5R0E6xGSUKBCE9RkQ-VMA92vwvajI6LO2mTU3hTN4KjrvDnqGVxVcPzw989pB_ldop3W44y4hnMXSTXfa4GlRuUhREq1RKjfvBotBZ4HzKUSyOWH8zT63GQ6vtkmbnnFG22jXzJBAFB7m9rXBaH7VaxNsruQ2WhFeRdm0ALvOHrEApUrTMTwb1FYq98KOAPyUvS50lTB_ZPHTcNgUiob3_y_nUUCGBb3w6YBcVwwgXmJ_yXsiMdApn96f_6xC1fH0X7mtrx0zlFA0gaSw83bzsqMjQjGJfXlnHTaII8UMTfLiW_pgt1DEiVIPRi7vp5LaBn0NNsIWaKZfCaf8xR-5G0Qdd-DrwYphtebniI1tusbQK09s3TplWxRAVA5ro2nOMh5_gpDplMLuxx0tyvjuXyL3i2s1LFqDBRLED4c2wp-wpjcADrc1KBlRZFE8oMpifJn2MbGfH_v_lCMJLLY9Y8FbTwJzJ4D71s1PFEv5lE-MW46uf0372FYwNurgyNLUXO9Lb6qdv4iFDplT0oVkwOubAqEeP8hjSkZQjgfFVe-opV-ZAsdcqIemurdopZQ7qP5_yAH7NBZ-O_RGUZ3VVEhooPCiaO6HCAXkTRCMJFYkeMdTsfiNvHmGHJsdGRHUAizZvf5iqCCGFdFUoUqyjJn-95fewFCf98Mhw3yS7Q8MsWaRJ01eUd4RH_go8RMO7sTAZXel8wAXSsrB7RXfo1p9Xb5ayqB6peliOaNlMk4FzkwU6hmGYB7bJdlXb93-UjB4cEjebUUcRO50bjWMahl9vagy1oImlk6-GlOlI2aUCSgwAGcaMaXp_4J5GOoLejB67CzBOGh-7DtEzrq7VCLy1kDBAcLhF7snLWJKUnkAUmpCpbiQhmCS0_n9t1UCsWURaafyEU0NpI3p8TBU_9EvzysyqotoUX3p_eKVJwUgCetEOLmWF_1ICXSD4ky5daITvWio43K8EPOnXLItnfyZkV5FeDllFwEX-7gNYrfRggGsexTEVwSuV-wDGsWe7jpCtq_Iyelw7JVowBaLV4RhLpkiX3sLPGCGhCwZcWWGO89W2to9vjv_TTy8KrBGGhSgmGQMhOpPDTTtjyPydibZ-aLlaxgDkNXLbjiDTyV8pVHKA8T1cI_hwliD1DfUIk6KP_qFbQGN88lmF9U3ARkJ9nDyxqzuStj29nKGuJdidf9bmicwRNHmeQWEMn9E6pHkm2_8ivSlSjmpJqxtDjgaCpZIeoeQo0KZfLl8ryG1Nhk4sS_ims9WEruzJkgbqehFQlEC0q5NBrbjOq4tJGvbSdzIZZ2mzxEE0UEK13R0NuzPXlH2ptk0UJsSONv3tEhzphNownw01XICuqhEeDHZ-21XbsElE4QCLKgzOZrEdoL7HBzr2BhYKmUpoUEvC4sMc4gzGxzlxyz76s7MUQzL-2MCyTResgNc1V4IOY6nHYFyYV-3Zofg-hkxqqfkaXE7cU81kc8DS54l6ypOBXjoZYsdjt5UrxTHj-RKhjg6W2_0302Bevo0-yZ8vDHI-_2xeD-AtmiH6BMGlcRKMcaZO0AvcwpIK8BZUDVu7PpkJ5RHQr6zbOd4-CFjSd8AihHGRa_QU2scimgxqdH-8GdT3SOD3Mk6K_ign7JBy4EjkN9vLofc-MzoRU1LsyT_BeJqYTKnCzfxlOFWp5OxCZWb6dVEyKl36ir3JgjylgH_wiK7lgorbyfUNKvP9S0xnC2956WHdANfylB4IzGItLJcZdP2Mr00Z0sMnpVy261PVr-ZW0YMiRVairAEf1cbvrvaa4SMZf0VLVbnc7FfmPNP9Zo6leGZOeWw80qn-deDW5N47Mdmlz_93ZWIN9iJPzfVxXA&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=12638222213369367000&adk=2124396030&idt=213&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:23:32 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame B7F5 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B7F5 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E8F3 111 KB
39 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Origin: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame E8F3 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALbMdDoP3jdrn8SKeCI6xIewDhKtn_ukafplqnm6uke0cvFQYqNSaTYeiq0LH0oJjmN0aGir7VlQdwkZL1mVnJr94u2g&cry=1&dbm_d=AKAmf-DZyfWyEP4usTc8RPV4332u_fLS7cskooNlu5Mx98M9hIo0PMzQzk8yvPW_TBNeKrV07zDqe7d-52j5CODmpmB7f7XyL5ckE76328dehLlHphbUW_ZDKvUOsIKbBi5rgr-trxv-b2gt-D3WprOrv49umpo7wFWW0WTXQtxuQkoFUqkNAorMfXN99pblGVupEtgXQ_oYoZQX3Ic-Qgo1TqxDoX6-D9uk2SlAXJB9DxvHle1mhHO2I-PqYDVmZKvW261hMFsTTN5hfgncg_UmU9Cv9PvDK5drP6Onpo1lZoU7pz5Sr_fIjPF_pa35cZBvcThLRBytO8vfOCyfGgHW2vWEM8S0xovEuhCjjTmeoJOEv6pDIyuBU6GK96BCGSmtT-YF_yWCE_FnDkShco0y5AWwcv-LDlanZR-q5f0-nxLbvq1nAbhse-1iK6VNZC29cgn56xi6UgH0oF4TLHHm7BYSu6wvMbEzbZl7rmLdqtwQTPAegIMhEl477TEr6gkIMZJWGod5uEghm1NzZDPLftVNFZSvdlnmTu7ga9atEx4tsNacrzLg-IF8vk8rxgMGMdGwaOB2sZUtSlDiMhBs_Ue8vnLXU38lIpIPVxX1bsTO24sMG9pMNjeVJowaMwZQOPzjcx2axHde0MfdsGwLweTapzu1MUJZCQI10JMY67VYUJ3qS-DQNH4A4XrNX9Xz-PDPx4JmJMz4LsmS9bqI8ZtqdaSi7wI8PD2MV9Do-JZVTjiCJdF6PRtKL0IaRw3OYq_1iXqd6Zmyd9sE4YvrJnzhdEN99E4UfssfZuJ86fzF4R_4RYI7Wzjqkmb0dAOcVTUH3hQmSy7OmRPdKW-5RnGqmruwAcYo9KdJvKmLMB1hy2mfNHgtu9lj8WITNGFMKVwzB4cFVWoOvN4b0X5QWcsG4byPQkZl5ZGcuiMmzWhZS7HCAlUw21vzp0IUQwnLskWh3k-C7WiHhIvC-Y_O_rWQUsETZCFruRZQz3AH6C1lR0i7fyU0jajnqnDugor1it8-8osbqEhzT776cpSLKc5k0nPEsQ14A2QUZQucXUgVS8eG_BEeZCWdbfx37BWG8eIWVhSebAoNzJ4ZL9IN5QhawtQOzCI6hiU7lhK5NAZfb9VOgvlA5M_mYrWX2ysrxtdAKtwfBejOLc3fTNPORIMR-YsxoErNj4ZNQOcJiEpxX-Qq-uWAgtjNmA4GTfO6CN2m1vbxpHElReKOQfnlQHv363wXKLtf7dC6qsCYsa9b_VyLS_Yv2OKeT_OPZ0rX4Srd_uGTjO85baGXt2ZM2NeE1khCt27jLRJo2Bn2epV0CwoTQ1xHm7AxVKCzmQ1cDjRVsLqxDsllKAUb19fd8DIVSd-aq0Sy6zncc4cIHqsMTYJNOoodqadq1rM0fWmAArt6hzvARQ_bnBsbLNKWciEFUqUCrbK6GBDV4p8h2ozVw1v30KiAXdZEm2KTBeGe0lpAunlS2T1tvONCq1qL1ClFIHHvk8wgKniijAIw9JAO7yOT5u4WkfPAfKwVXOOS_MTi3V0DL1PdPeXhJdgkTamrAc9i9TCYvupDyQMEFZ9spMotth3Zfa8FTb_0xHNtKlIvsrsC_FbS7ZJkwvw2Dbj8cdPJd4zPbQBB7LgrtjcD4r8xngzlgJulHx3FxUBp_rieUjKQq9-PWWNlZ74fiXrAaexgWqj0vlT5E2KIpoFXLtvaiqTf5LM3Z_H6Exc1u7K2N1-KX1VrL-WeUQBc-Ne58mInQK6smGdJS-CK-kh_uj3Qprfw7GhnrFvn-T6MsIx4Uu1YYQAOaALKauhlTkMb-KEkDkdeJm-oqorYkPvaPs2nDmxfufetkApwLZL0AeVct7g8-zXobyYIThBf9MxnAQlTMwy-zw4kIOZC5hy1H-nNaw2SBAAadXHq2T7fVAaCVnBSYjLiiNRBb_74b63i3hG_XtjgW5okuxfEpmyB7q8QhOuAAac_JGsMR8mE5AIwYBXBnjU6a0k9uvb9JU706_RYx21bbBI16TNKgny6I6Ga-spfJCSdDPli19xUIbbskq9NDB65CINE0fvXOzB4hMKpuTTVAnRno6Zxy0rhH38Ul_FnjWNEB_PrHh70ovkI3B8Nfzkg4b2JBhRpwJvRaim_wJICPQpzlVI93oCasHoJ2iNtJ3kP8Aw24VAAS_qhk4b4pjoBnmShaZKRmncWgT9yQGm_wIdP25vO76hOnkPB2UK1H-8C7r3qYQedydcLuZsJTKykOIkJ2I84ofr2yMRAPK1vFaIs-WqO1krjHkLZTDuzHeAu3VaojSBKKhpv9Hze55r1rk9Ulpb6NC1JZYx7okn6Be6fwNY0UoB0vhL3ID64L05uJUPS5z199rC4MekEA5ID5J6y0Gem9O3YEeMtz9-ua2sa3IvToEywAD81dWGByRmyuCWqeL55jey0ES8g3gQcWXpr_QVPp7-G2QSvEbemU5IlviSeRTxKmZ3X4fLkl7kuL7tXWLkVf05kOlf6uWRVB3vFir9aliy46U59gZnol-6OqIYMbIwe5rGkcgOlAKvlhmdHxKQPb_HlaLn5k4KB1gi5aMdP0QeP3QcIFgkEvCoPQw1xl0EWBO6uDWLYsygaZ7GU6tmh_CwtuBDNBSBJ5U36PQ5jLdVKIyseu07ENS588nAh170jcHc1F39C_jXJlTlhgVW9ap1UP2MZP0NCXPNzNEsRW-_H9d2nKYiHKJgKMGXThbk6rGSdoFBkca_-DHMfF8fd-Go-neqbTAKMJInqimJbzS6TP8ogOF9SOUj8rWjUESeW0W4BlqoaPdYY4PC87cnRYBpNEnXJcb0jcd1pXKYr49aIyMSeNbxHbYYSTW1WRFq0JDsGV8JNfFoRdApH5ljMmhJ_6ZIG4k3Wj_SH_G9RtdM-MTW-pT8mRZwf_hHqexerHs0A9SffWJ7hXFWEVaqV4xA_c4XYyVzmK9i2t_xlrqeYvWtN2rHGJFpn5X2vz53igF3a1OnjmzKwVmLpIuCKjPLzMV2hGbuKE6LTfnBA1XrJvjTok1yvuuUG5-QVHmc3I6fGFNIciLXFVmdTDjh2nfPzQLX4j5bTjWYYiLafr-_6jQm1DFMMzFUf75kbFBwZY6nm429RUvSXjmVFNqhVqgN5e7pi-yseE0q-rLiOI5o_x25dTlQjXasZlasiYJSuTlzxCC53szvwn1gKBT1hoknw3gw_BwquLK8wG0nuwv9quVrKWYtUfiTjqU0KBSlEe31uxKlc15_RkKPd8JuSNypTUcZhEpD0k71sZ8B3v5QFDTjwc_UHLidD-1PjUDerMnaufHhxVwpjvSThSoo5dxOllRz24ao4RMILZWCOAVjmKdd0w0IWMwyH3RONIaT_k8jMLL4r55oh6BTqpyKkUDafvOonNr8o1Z7A-kxbnx1srGdHEBXseHxljGdsVWTd2v5PRvQknSZGp3YuRO1x8bP5PnVRJX5_RrAIUSMPhQE4d3LVUg&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=16472897085382877000&adk=2228999115&idt=200&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:23:32 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame E8F3 30 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E8F3 41 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B15F 111 KB
39 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Origin: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 04:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Aug 2023 04:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame B15F 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHYxGAq0MxShmciMw_eGqbwvRCgBQ6cechZDtJnGFgEuuDymcPvkjxukkeCHlOIrc-yaaL2wY0djCzFX8uSyKZCqdWiQ&cry=1&dbm_d=AKAmf-C-gjCrOVAwzcaz_JcDuAP1mR6A4aFK4Fko9QR-A5-JP_Yj_DopBMHS6iUamvyaQJxOSH3Yej2WlIOWTYj35LLSUNtXIJ_jEo0TQ9L7j_EiZpjiBnSIz2S_OYqa-E4kpStszgP8eo5rVsCqXhz-xxhaliiv4SvpJ_wAnvp5Ol3BMRdsou0XqyZoFKgTLSMK2pqKpkKheiuu93lHXMrp1M53u72EZALblpGT0_uOtFDNu25l1tI0eJfRR-KFC5bxHpG91-cWXnR1T6hnCmJi6LDoXsKKNGimZpgnvFqc_0THJuViENzEqMcZ42lcMmSNG6UcodjueAM2RKSD2QKZNAoPktjLNkV29VvnRpN7Jty4hS4fcWqb52DN7FPO_fSdFbJNVpvU5OYzZ-jZYKLThaPnVbVFn9N4i_2R-3GlRiXjT6dTeLcQqviephv7O8PagM-2NWlGrdklK80J1Vpf5V6hW2VIRVInLgHhZuqsxpDPhV-dFP9sM-m4jSdA_XcEa_tVVPzb3qoZdIb5fN7wYRMq1BDc-YKwYFYfNSfHUTAsrxHPgkN8gEw1NqhvxylXuZq_Ua53EBIoPZB1oI3nins58Gvghh89cfdCY1bLEggFKlek1VuxJH4BsrvepwwC912BhWdugncOGc4l-_c8fgxFTwujfeR2eSkv_wKak7RfpHI7LgCbJyU5XdoGf3TECEX0p2KhlerKcWLlTxMaixCiHs6bbiNCWglXM5kRyhGF4cfnJhHRn_bnktY28A6pSs_ZNI4oaK1Yy7YOQ8buDNiMltdxpmqHiq0UgL3ip_0T1hL6EI5EbrcO55FTYVvVgIsfiDUISpnOf3TwMdmqZRho5anSuSs-sNPQ0pp19Za-KzyfSwlkCqFZiZVsLMy2OWsp7m47P-jv7k07ii0MALX6ER3qWzjHXn6N8CjY1gjVa8QkaDlwLyzEi1Xm755ZVsJelZpDuzQkfgeMYKodGXN-2TwwQnm1nPXyiAkomsafwwTTk2X495aEamIUpChfoSh16w0EBbSFDqMqxxRjI9_EXE4E9tdIQqdgJGFeJsaPP7KVa-MiKA-aDqyJo0mNNybuXuBEDKzVcY34wCOo_01yJdM2-i80kORaflcNnRqcK2RLrRVVHFkZ7C9ttxdhxca7ISAuTHiOCoukcFL1veR1rSX8wHfsPFidHj1YzX0gQaA0_d-eBp3mCrCcbvz9f1O7KOH442W84i9AZutWWeHPUa5wgXF9IGyhPLHPPd5jPEWGi46I6EOQgwvu0Akt9zD8MLU7rEJJn-9wc4WibHJmraH_XR_IOD2aVbBMW_8ZUsEJcZTzCk4-b3eat_payVQi18KTe5t9Q7kcTujAn4WiRXJ2sJcTkQsrPuTd9ZLC71QQM8a0fbtIefm3nbPx8R6Ef1qAYPEMPQB7pxPx1ojhXQeGlTbD2RNif5aCOZ1AoTeBbzcxixltvT47izo7orLIoO-tspHBxTc9IAYpz3T-IH5-NEhh1nB5GB2AQHrwZGmLXd2do-WK-IHf05qxxSMX6djl4D__UVgZu6SLhI95UiiVb7m4s7T6lfvWI6cUsARXfCDFx7U9o1pOr6_aj8Sfa2_M403ZJ9kc53mEcOaEEoaxlYwlsKvlopEFd3WzyQ3-COJTth1LHS1XI3wI6ORf984E8is0fhDSIsYQcFKzhJJ34pLtq0yBOcgT8xMXU0SX3ANkrK7Ho7UXU1RDks6g-MTOWUqGOBCDaYkJwu5fr_vjwPTHkgcXZvpGhKkqsldnoNJs2wF0vHk-5kUoVW-f6KMpZpcO952_7P_kpZoN9JyxiT97lMuSNL8MWvcfhDKYFY3NYId1dYX4JZl770kHdTvopR97ZNdmvfO7mSRU8etixIYbZFTXY9gqN-p_k1vJx0Y3EzZ7x2IBiQzZZAzzXkiRBFbClDOw_ykLrBjIdRZHiaEmmzSY6sVYMmUngpmhnXtZve6xkyr-NRWL83l1YfKG4T0Z_PT2E7k1l6piLcWLzePNit1o0iOtWt3SYb6DkYPMmpNNBHvjmK3bvSlQzZdbrwrqmgn6RoNpom4glUq6x4OiQoWDswJGzJGUD_7XraZjNdrhWQDGQPWpyW9PhHYEL-vBxXWg6VfGNfLNQytZbFixZt-Dqe-ME1BgsLeERxVd99fYKpBi5I0JuGCRRQTR43q_8eFrPwYzVr3EXcmKachIv3M9toIeH5E7vV0e6LfveEKVoUWt7kAm34YbwBTZ_sfONPyeTWSukao1YdWDzdzkm3JlE-uQhpjK4ED3zKu7dzc98XSOzCqYXoAoHnsG8fEBdh_PP-y4DjaAbHxj7742l6y_6XpuFW7nnslfxp-nJjb6-EiUGx1gFd7J7NTCm_ZqbPFUt1fTS6oT4TiVRqdQRyKs1nfrZB01cc31PGEmMZ2u3X4EH50SLAlzUgcpahCUbk6PNrDoGqZPPpSpZYW3gkn1e0arVOLp_Jb92f2ltF39j5N0-BeY8mHagt4U9COL4WUGx0Bt_WIuOh93kxQILlA12fJV6bHPLJH1Zgk6KgyTmHfsukBhtGN4TCVsbXhW1UEAyTghARUX40QLPvwhI7r_a_y_rtqrT1-kdRtBnu8iuMZ_-tvMw1JSVnyIdaZOW4awtSlt8SyZkS1pLiKgR-JD-rHKZDZYLd4cB_h2orxDfG2e5Gop5H5vNY3wDYYgqCy_0RlAUZXr5edxu6CAQP8WGpK7leAC9RV64gtCFGRCwFptInPBVwNfd-rIE9A_MTBpZlvNoyWwE6AYEfwCchFiAmOwpJIN1PVKypg-xr2wXkWAEuKapjW5_qOCjrjIIgrWkFa98l92Xoc0-SyDFpWOT_ldWsdFnWNGlXyg8ERbtSuXs01ubR71f6HD_-nZAGkGHFmBUIxuglx_WOaOSdfI0cLjXVA1b6nvToizeD3A47NASI30-HTUScREXthQX-b7R5NWIOZQQMzURAKAp2GfHq660ljo0BOiv7sjfSDtKLIbY_mgzm518Wr5GAbgFIokZ8syDHsCLzoBfTeSOJ-z6GQ8hcOSzVwC1jM5GLjnPL6nfi1dXE6g2ZqihPSK2V15LPeY9lSJ20GobCLkXjndtMeZEiDTyb6eukDtgDQLEWZRdSndxcheQR3ESejzHFUF_hKpAAvJoNljcmYOppzR2jJdNRRiYgI8DIBpiuNUDqB8oqW6Jxc_XvnGkLCENRFs4Y9L9ESo-_QM4k7UDRxaxsgKr5PMzgX19zW60pTHG7KPUJ9LOdSbC6EawzbB5epy1Bo-WGLeSKu3jOB5LUUlOISfb2iZTiHF-9KsK8iVnRY7V1oooeDoh-jlkgKoDUmdfgXYUVpd3ssKLhMTv63X1xx6H-GlIoQ0WJ3WeDTwAB4OQwvaO-RMYLucvWXCGOdy4KNWsKYfF58w067S9ngnSByDSchsngYe-BczkV142QPRq1l_4zXa4Wq-&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=7859409463556102000&adk=1877897943&idt=183&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:23:32 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame B15F 30 KB
11 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B15F 41 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
DATA 200
OK truncated
/ Frame B15F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a43e8215d7623c9aa0e1420eb35cc952a92d9784af1111e668ee5c79e4f4e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A557 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0xrS9zfjTlLq2Tz9db2TvhdU_XuvB3ZGnEKneSw22O7uNHPmvgaR6CnyMAEqWxTWeeb701oulnoiiUzoaLZMLsTVl6FpnJkgse85-YBLd6NoNtzXGZwz7RmJ-pe0uY5W35oXI46_Y_A24HoMpVnqaksbEuk7tfjv7y3DEtQXFxsNlf_c&cry=1&dbm_d=AKAmf-AtbWsbf1EYM22YqVR-f3K7hp6EaHoZXl-Kke_dpq8YaAkHQCFGJWtxObW7TswVkLmFOeM0gixglpGpgsOtfB-dpHkGYs2Qyl1OHCJA4R1CHA5XqZudv_S2oI_LDwGXExk8Kwfe0nEkESIKu_uw8_cJ2bgrMoF3-LEkhxGFGGp3dVaW5lgS19KPrSW4GmJn4bSNIKpG4EX8lZdCOjJAbfiTby6zHx1a08_tKL_OrVopdxUsy5xW-_5LxYv9izVZfcMjBxA7-uFhVRkRKr5ynhuQMsgYUjL4K2Fp5ajEt9wO0qPQSQpY19qvN1EIqTpaesnh3bEiMyeskYrF4Q0o-DIDUAs9WQS83tW3uFTIr9FDxMi7QaVbqTvHOaT2jyGETj1aLlQEvmI9ldOtrxxhskkO_Tr8WAeg3gi7oTTV0EYcQZP1UiDVX4EJYTHsyGypXSSitatwJWjFbnHvGAaJOBoi3fVZOQ6JVsYBval1mEpb2ZbBNtWuJ4I4n8a_2Gs7DBvz-dGESP-bfNncAHQb1aslT7zV6Fgg5jPMtwGesjdmj5PqsPZ_KxboJIwcqD_osxlywoPOUJMIgOIKzib7Hhj92nodeo3s2lZ5yzLMrnPjHZ3I2l-UYDhK791fhqzCu1-9OOPXSTwSSmw3qN-3a0Y_IdWbEfkXgNJONgmZHDsLQ4k0wozBxsUrpxs82szLTAzfNLJ42On5C1uExePSNGdTw98ihsgVWgKYZ7MN5qJROrOsSDnrIl0l6TarpOxRwo3uGZFR16Ms_TZnl3KrGjOHkD1eILNDVkjZ-59baymRMrt2OecumOy8AhNlOKeY1vsJaNTB7H8PxoBUgdh6CLt-n0UlRj1fZ9bjjuYAbnpSceVMGpJal6YiYUZz_G2u_A2vhnjL9D8upNI3UntRDjDqLfcEJW3uP_A8JkHA7awtRDliJ4l5tfKa9x1hOFDvxNUnsjudDHhIBIz9zr3CwcmPub90Mem6MJYvUYXVusDR32_LFirA0IhfEzKFJDcTb9MbnTJmbbSWf5M2aYAoIDUpF5aToX4Utg3hmk-QxKaKk11-BMAXLSPATieXqaKn6KsvCbuYN1F75L9O4E2Gy0AFeuchKakdO6McM0OE77wI9sIPERM7GaTqe-KHR71aLPQ1jEmZS5bcHmTMycFAN0yvT25tOTP_8A7JL7aTluj38IUERKYFhGFK8V9iJrRaQVMbNHNQ_Vl-McYMbxlsHMfZwLOWxvHKkuaKL9PXysBJcvutXPEGakeQkg6Up7-8EGWKNNG7Bw3SxSi-O8WOKQUHZvQST-bD6EvXp4feRS-aHj7eEdkwQmoYXRcP7OUxb63LrxogQIHAmn6T5kMJls5_FTHrmQKoXhfGg1g-D7W2zo1gkbG5piFcVvX38640b690LxKSxJlmu7PPqif16WLK_w4-stCCCuQAPRNzqZjoTE6WITLyE7g47-B5ikmYrbMAUyJ3VuhEK2UutPEjtEK408nyu7YKtf1CDZHM06EjU4KiThpDOlw3n0Ly-A-NTnqbqcENnFvDRjpPLpxmyJtIUOJ5g1m2e_p9Vzf_BYvNBarIgMjj9yL0A7HkbmVS135b4n-Tf2riJlWEQPY6-hz_6D_GlYGZ6TxC2QG5N4zc-7sWmIthSEKob9ggIz8_2fCep3gw-Fo0IDMVMIMFObL219_zsnyCXDKHBULxRv36BPGceKkoEbNLSLsOLo27n3SFBR1rcKqjYRKhL6AZ5gwvi_t3j9OdmE6Y7pf0OO6wAoaILWW0OEcIACOyne-OH_h8sDC8y13gsasPjhxClUgQ8rxT-sOASnIVNc62E3k5d61XggpE6Qot-Pm7cd9VhFk2q-_LM0iX8kFOm-F5bqck0S6i2Y2EO6x5nK7-y8xhbTm3e3WczQ8QfZ9_QnnmbATnM7EfeNUdyH5PdeM_oINjYWknwMC7uJiOn5mM6xFx9oxt7EolQs96M9nGdoI17RlpCl1J2_I8gYDxrUMrDC0bPSuxTsiSHPdayBLqeLw0-jvxt-mQcyFq0JPCAtDJglBSaZBxxIdLR6BHjJWJEvQTfxkxPoH-pgDbA7jPYYeIxUPjko5P84sTVSpl-urzEyn4o0Gg3Xm9rTZbWwUdzkaJTCCMotcb3uAXMgPTU0cewJmBxnMCR3rP0pR6_BE1cnNhUUZLDi5ZD6KE98BJhUySOx9cu_U6wEP950ASCy_p-hKuvrXOJjerAkkyML4T1RBC0jTqjoXa7339zxBHheZl6LmFKalofGRuJ4-0o7vrgKF95jAyUuc85-R1lHXweCnBGYMxiy1LdmDbtZazlrYPbTlKrUZICnkbQEfZg-IYUdP2yhB-dej-Rh0knA15Ci3NgmrQVaG2fBNBFwqaxiCh5x4WJgnHri9_gtnYEZNuTVw5m5Q94mxu-uybLMHrLGQfgW3hEjbt_9_K_FFaIJDsqW44oHuTSx-erGrv7cr1WnJIrVGEtAHyZrDrHvhKoLk0cBe4sh5gEuR4bTGqqeM0JwIhy7JCxxhrp0G2biL7HU-_wrB-rMdxYucxVTnNOPTNjb7iwALypOWhp38SFy8SuMwSvv92okTiDwJtBaaxbL01OakbR3Ss5uyt2Z_3jbP_twhzdSXnIhfIyOYwFPbhNLUHHipS1geuW-as-dLTex5vmX4pTflKDTGPqAosOqzimXAKzF6YtBc-hXvkMbRhRsOAp-JwKrEbwhOib7swJs6kU4qE-dDa8_saENtuMIBtAw75EFQrD49BrWFbs4UwGXRzrcoPqYo9kRCDwX53SiExatJ9LHr11QuN3hbnvStAV7hg10KLYHglbcWCSBnuJ5QjtookAeZBh_BCgort5tkW6Un0VHtdfGkt34GZVs67iQELN0LJ9xC3UYfeE-XrjyB4e6bdtfuNB7LbJfhLGh3ZCahGBeT7nDD7vIIyRYzJPIfAjdOWLyKx31MCgq92J48hHF6UOMbMIARS-F5eoyiiOdG4B6cJZhfaMmV1aUCHKF5IcSE-sxBDt1KO9CM2Wy3uJImHQQ5M0zHXgHIoRlM7ucN9i7U1JnYtwhtD48hNSkpJ8UEmCDCr9ETeYifV0KXhZX8yI-5Hyi3i9c0SXIM6M6o9Eiw7lQqV0mrK-acvLmAROeydhcIi2NcMf557NyYlaEBXMDDDkXcFBpVsJ5hmU5LOGoYMi7jZhZjcx1JRMls1Y7RV3TOgvngsVsQeCzwugMUd9Ee-jhq0bByNnl3KhhhPM_RhFOckAflTEqJrbT9hrDpglbK010XWCIF9TmoS6t1RVCSWNtLPZxLvu5IeTC00Jip1e_XeO4yyKMI4LcMzteBiLBfw5Wvkia3_M222Xf0jlrlbcHlQiIfErQU8FKmbxZBkCph8UJkXD4_mqTknVRWZjd31bxwojAUp5DtBzr9lvr-n59QmorHmgY8kKvwhJctOdX_A-7BlhxOZS-FVDfZMDO3jNPR6zgBmkfoH9MTgcybfnCQ9n5156ZCaefaxl9MxG471v80EjEhbTdRrXD8ruIi9_o2uD3Js526R30m24wNnpki0yfkkrZEq2O1AVzX1eAV9D8HDdpTeLz50BLO6f3UMeyotBDzQi-IjYYWBXZhQxPu4lEwvRKGpR4BMo8936UxRCBc9EXMlcX_ZlzD1k9Y-f_GuO1pswqpKIRiO4TxWGj8kHddSQxSJ2upMeXIQkO7CXQpdUa_LTFBwBdPl7ISr1-TkDSIz3tzxO5icKk1iuhh6jxWpsreYaFkcxFT-WEspEP_NT2eGcTJWLmK358T0pX0ngBDRevAPpDCR5Z34QjcJppvpaHnfVHeYvR3Itnw3SslcPozroNppA89XnGF6KejRIWKSaDBV-38f7CZ3mlpvErkf4YIc58uNZB-4kEeLJMgkUZGxpes9KCFBglTGZI0d7eMYHg2DQA&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=3779378467800955400&adk=3047537735&idt=197&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AB5F 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E8F3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cd915d53edc08548146cfba94b7f759610235ea0d364e9d835023e4f9c2a19b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7073955107534177015/ Frame 1B8F 27 KB
5 KB 21ms
7ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ff4dc66fd6532e1fad835ddd8dd2d5bd85bf16c8446917b35cba94f9ba3fdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 60944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5302
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 11:09:33 GMT
expires: Fri, 16 Aug 2024 11:09:33 GMT
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4405 0
0 92ms
57ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvz_Z3DwyWmHgzJ7ho0MjtCo2Sl7-QYgnqVWFX1HQ_naPsljEstCLJswJB5Hi1e9ZFnTpX9eMIsEAnQl1Nn1bbKKbuYtx2rqlaMz0VQCkL4E0GCq5V9lTr2sK0HwN5l6GWaR_MVnQH0e-Hwq-oEyHDs0tjz73zzupWyoibhjRlIzd7ZEqmkTcWcu1_UYYt4iDcZW8_o89FDQY9kfFaSGVRA5hGmToH6WaM0n5bTAjyGkOHcDqctp3aFXpWDJQXRuAwaNKuPjnBsNm1O8HK6Z8BZDSHuFPnSGGl7AwnyRX8b1Rg5MB_8Co0pMPCsQvh8hmDgR_vx2gr7Ykym2VfxHw-fu-9ETgtbaH5vRz2B_gvHroCtlkN4Z8M6fIDHHzYY6DZnnNffF6QaBCPNs5olj5j5QPzeM2jxT6Fh2pRPFtdavILDrtXRGdG27aZznzEZi5fN11CAQz2w8ehop2WLiRvMjAGlOkie-ivSPwXu14HUR0bdr5BEqaHcQV012Nu3UJ6ofLXTMGehtDrblz_AiikG-fY9L9_y3Q0X4oyxU7AJayySEtSGjou_4kqpBLzXXSQDiCDn97Gln1Sllmw8hhVJMXBETVg9JsyQ5Xyv8yN7d0F2cdbFXB2nL5HT3t_Pqpx7DuxVuELaBvNq1vmRYFGJWZk8stxbLBpKxsGUzaB456fxY281Yu7AaBZY5Ia-N5F0RXyNZH2cW1R1E7ySYUT5eJrEqiTLDgUHOyepyOXdJw6qga2MwH3FYq-fLU8AiW6qljbkigFXyi8O0ZjcAi9ciSp_ZDWqBIxo98r8hgutvtcTWb_EkEjzq2UKupoGcV_Kd0Jcg-wxaCzW97S9OyG6B6us6r6QV4VqORbbDKyc5GfmBOPi7qxla2Bnea17E1KAw9eQ45witx0ILMGz9cKn-9kqnggIvrlCRy19bmT_5oRfXtkJbAhPxuw7J2ACvqtDVHx2RCPYkAOOZUD-8s5bYPRZ4V3-6nFrq8AE67XWcNRbp6HccdIFQrpVb3b3Chhky_djAnRPgbLCktYpeRK40AHkLOMkT9GfluJGXFVSPBPVR8vfJWetq4SlIQp6uyHAxgo82Pncri6Qlhi7U9le-umrCCe-q55uknk4q890EW3JLQzt-ep7re0apgLDBZqCpnU29GXtY_0sFcMpISb3zJ8E9puQ5TjBGWacyp6uhOhLp-pFgFYxNq5mUnYnJ2ezDaVO4VKDHwIHJC2N14zsXpR3ZtN5zgYt4kZDn-bsVyAsdMh9FB1&sai=AMfl-YQqwM1BoRIyjjinuMf5_qem4GmD_Vj66OymO4m9Z3xm0tuTUAlfP4SWj1B4qgjW4dvXpmCjxMse62wgT4uVKqCC8STXuq6LSTOgs0hGUv2kLtF8GzvZ-upqyZwD2_bFQynjSPFMofgYOjFv3hDvu3jfBtouhRgzaVTt_f_B3NHesxSBnutYzA3BL4EVkFTia2FbOgHn_xe8fO5oFZMvQe2lAxt8vmgr5o8ZA5Cj7UbOjKw_I44bfV7RIOlwUAlIUK30X-7i01NSZhILR-1Agl5gJghSUaOsZJEmiXBbTx7czE_LXoFlkXyc81k&sig=Cg0ArKJSzMFUNEGuMe2OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cstd=217&cisv=r20230816.51507&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7688 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCyZM5kz8bPKUZvPiTVSoU_MHRaxailsvGyYVjGLCp19AR5Lrm5hditZxhe22Xp7HniGI1inL-jPQVaofVeHXd6Hacm9Ii7IyTDejjA_gr0H9wCaTKlPtWxEti22nWxR1oQN6LwOolB5KTGQjg-V50-5ZngtTI6QBQdfRfzyVk1EFQMhU&cry=1&dbm_d=AKAmf-DmwuiygmR9RWCoGrwda6yfi4_LizTqfkY3vlssr_3aqGW6-5rktanlVCKoqGP-t4RrS3iNpFQ9n28qrD28nyWlXyj-cAe5jvW-2-olMK3d7xFE75xQc3BztqiZK3jc2enNtJvImPQLoowpFidKUJ2XUbC0dUBL2j0XCaqhRbCipPxTcjPdTi257JKuV9DtL24uUg_InEMM7a8IN-Tp6-QE0BMfaew-IGEmLqh5OgRy38yFvc-KPdw_yNmLE5IM3idRch2r3SN3Q8ZFw0y8MKVxaA5WW6Cb5wD8Doh88v4Y70FbWLaWm5Dcd3JDghJRMW21h6k5Ysb3dROqUuRsctt1acJz6QJ4xErfTKZxk0g9Iue-yE7DqFFFcWqUu5Z90Namtm-wEPDTPT4DVSkuBiMGGSob460sQILvhmlSkrsLVHzNRmo6RK65NgNIIwxkN3xYP5y60wwlICjMetUWMq0eTZmKeBDMBfG750S29L8lIRGKk8CXgXGNJwhF_p_N58RTwurSBG07xYCo2t8DQUidQo395KaSbedLSF339dvvTzdrKfoqc4FmdPgGVQizJQ2i9GMhSR2Ls1_K-nkqgMIOAyhghggr5defoCWFLC9fJdiUuQNTESKweJazyEuBOXM2DVTiQntXPbK56VM7AQ0-2EOLEtINHM5TATWge9pLIBr1NWpVWtuDAKTaAe80csmmG3WR91-Gmpu5TEMHY_SXJCi-ZxgecCvdGG6uJs6ftKFbNszbTwB4xIRZ2kd3i8ksL2wjD640OKe_edhOly5j-2OxE4ckC2XSRO3A2X9PPxQl1qT2hk-roHFKCCFafxUDctlSqzH69VBUwIVn_CMO9tPHSixwTxMgMZBvtB7bCrJ_OTa6en0vTf1MvUmWDM7_xaPtudze2kSN7Yqc4g3cdKz9FGUNaIXCtWupFzmg4_kCdUp7u6zhdBvAs573GiFIULN1hRe5sth3jDAbexIFChO7J3wO6geHe2imOdKzqqvqEX4dSKMpkva0rG7wvTTGL8eRHApt8MZlRaLh9m3W6BArqZAcAWQUIQLoSfYEjeGGJHe7TR-1p4asKH4Rt2zzb7-_lyDJcxWL6HexJ_92GDcLRG7Hmbp8NeSDNQqmLTdUW069h_XIdec-PHL0iIh63m_VyGHnidDCbc2eU-iWdQBgcYzNisiHgRWkyQGp0jzmtVPYXgdWvflTpK1Z56iLUS5DCPhyxlMYxNFULMRm4KoFqp6P6PMhUjyGsKdRUNFyvMNw4v4xNEKTNCAvjGkIiquZO-t0w9tIeLsVFvGFybOLjVcxyNH7l_QGLUM0FuCOjjXBsH5oATSQYDM-E6PC9fVGEwvKPEhqaK4g50OHSx8b6z1r1cinQ01qRCZojgj0Kjz6ZJR2z0-7M6nbBbvQsr0pPsfDnw9tHJ8zROL_g8e2Z0I8AKYS_UzTewMU4TBXQeo4jUfkcdkDFalds7Z6ADyHUwbdhC5MF8xaGRA4EOdtmCIibC9xmZAIcgM0k7fsxIDi2x1f3340c5zli1_qpWulAxk5bb61l8DyQ1US08DAz07--WrzxxgGjWaloTigm2yupHbg6g5Fen4ivNb9tRNscGKztGgCdacJSCa3GnWagmo9TKGIp7mKEiXkj8np1gBnQ0fVal9_qFXXiAtiS9VyknuuerhQ2UReGY5LZyXarBcVVKZbbNb0arZ6_ymzvu7Sb7JzGRLmisMQnKDpTkny4lhVBKqv1Y8tOlfbyE3rwLeQ9PX-mrk7mhb1iZmCogCuZx6H9aPGMwuIHLEGRrFPkZ2ItPEjfQIv7NCDT3JBQJN6lOCnM8xpmbURYWCVptOdTR7dgx3KIu_ZK3LaRW1eXRCprZZbE7f5F0PIwf0_zudYybM_cOELAcs4exdXnlIQg3d9RSnS0D1zilOPaiBGD9xpSOCW2Y9PzbmMMnzZQ8NWk606bkDIkx31ZzllNYDO_e3CX9gZ9935ekQ4E6XNn2qk20XAcI_u8C_i2vsej91I9JTnhFsHdGjv_Gvc1SRg7EM8mmL8d1j7v06XUrNyCzYt8Tjt_emUX5As2uKqN-r9YVZ8PbdUySt1qaMuYcL0Q5IitQIzQ03KsqfhKhb0xDbWKTBvpBbKXZ9inE1yL2ZhdKDyfBAEBcHUV3JYNcpztOwElYDC9f_tZay5LiarNCUN-VR2E92R-gx91POl2-w8ZSP62c1nYTFotOMevEVTLdyF1Fpo8DRuE2a4Ho-CGYzG8Gr8GEngaCRay4rriO_5_EyHLRQYJFKOquEMmHADKp_cluPkCvaR8A-ksSUxUq_IVVGLI61cNwaYY7kx84ISdQ0TnulRR3hlN8WOJMgygdOomrOgMcdN2vJhzgqS1DI2i5wMwqENzgPRA-Vqol12VKR6SqLIk3zex8rQ-UUoC5YsfeChHdlgayAIrh5ddQnsaUXDwuKbskCvgN2_dXQs3nZMsRTbzNnCTRNslCzkkGlPUbUhAz1xTCwOd75a2pmQ7EDKdm8aUG2weXxt3pTO4zVa9o1iMLiLlA80RX9sgljgVrsirXhphtDc0WwaGYMLvTu_wVYb2Su-BAXAyQ9KLg8XmBtQyYQ5AoIXiZ5zFDpcfZ_gt-gBzm3ahTu5EI7apkc5TMDc3UNpzPdq997b0Abs5SQH74CPhn8ueSmgZ6SE124IEMqjWpmcZ_FKvx4Aa03jjxo60m5TkVKeBjsOUke77QUGelnXHep6KfKOUm-0BColOkHzwxMHOml7_qeOqEpZ7KCE0-j0NA0hSawMDDOGalBTeL1ZBE6XfYYjn6Um5x6sqNqECrFGkirzBXe0FBq1xAtRU0y8buOEuw-EkIohJpB0EtbBZqTGpUSaA64gLONIbu4YhX5BDQDJhGbe-q42zHYH3yEgNFEnI8qMmN69pG8ONY8t34VZfHpm-VPqSDCK8R-FLZmmB2ax6iOBSiG3XN6ATC8dKYgnavJj6hJsDBZs4W_yX_Z717cA3SVzo-OkmzmtOEIu9iV1WzQIvRIqUq2I57MIVqxw2YwG6dquC6y_hf-BljRAl28-UCElgDCT_9gg-WpjzWzWt7yAqAFok3-GKIYMKq-Xz5ObmyXJTBV05gT76XbjE78zK5v857EOGgiGy5WEzJkAbJI_vmXDfgMWriOEv41rhQQ5nuM9fR43uDck3rry3X7TNcPh0wwhQJ-hMib3GadfImA7EgR0rZRnAa6FUMWBk0PBm63W9sWlHYqO1eU5yGEJmfQ8XkrCvBtVluQY78wecoa8Np7S5TOtWcL15ZwS2SSQYCON6Dj4f4ketkYpTqjDKeI7d3XV9swb95D7D698s1Unzcg2PD_8-gLfQ7y0IRjNTT_9HqoRXw2pQJ4M1P2S8Oakgj7qLZcQd_IEPKfDLccfP3Jn3T9Ibm1DNSTtvBtX1Ca77SEaGrYtvcTDIGZ5iAXrFbR7ESKUu97ktBTQflR0P-riL68vLRcHLL9tLAe_p_JbmppW0WiMlTmReKSZ0-jgFbFUSz1AOB6whyhTIc-CqNyf_LxgP0soZL8mD-1kN6KNXtkIAB-S3RoeRLz7ZxQ7yMfvXA5_gKSb0k0ASLQdOK3wuIi3Kb4tO1deGPkVaWz2HLIMhp_5lCAtu5dR-u9MIhqQWHNispcuPIRqBXgdrup9D0AxfcWk3TZ5c9tZD40sF_44VfshZg5Tk7bB2Gxj-MDvXdMY2nIGbqkVmB1pwSV7Jh-8Iq8Lq3MNFKaDXwiLQz1xr-V_Kfu9BHjC1CgSFz0R40SQCQDb8JiqmSf6DX8CZKw6zZu7Z7Qbc6oSmthCqkqVHdzwz0WpBorbubRtNR-OfrRwKGAZdXnqmATkG2u-0qh2LIH9Wqn1ywsZD6KFpe5JTnvFVIbPYFTMpVfJVciWNV0OmcYbZqSu&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=3521504422493596700&adk=250412560&idt=208&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E7E2 41 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-Yev28Yl4S5Wd52yt3OJdgy72EfZ_dOx6akZOGc7ejTm35ASgNUky_6veXZBhRwWqqls6jYTRipCqCsmnhi6hXMxfIrAt7Ax_OfDR4RNefKA9M4HRV0103bhLO_HNkfQY8dwvYRc5MGuUHDINwt1wxVdO3e7fPVHOPF5TTtA5pG171As&cry=1&dbm_d=AKAmf-DEf94v-i-GIugyKEkpiBW4cR0Cl4FJZTnFym3op9DaSpzPdakPH5IZ-SSGnSMEsnHCpRZta_IoiGfMPY5XlYkt2OP-KXcGRVQoCXJIsl-t1DxuJB37wG46-Ead_NDMF2qKgjY1QSyWhoNnkAXO-qAp9VCA9l3-m--JTIWS7CBvup_0fC9S5Iqac3NkwuI-9NdHtSQJ0SCpJLsExvBU_f3XR03crdk5k24UPTVmZo9Sf0w53TTkIlsiq_8sxUSdM_cXAa8w0_a3e194fD-0bovWFX29G5C_1KGfvOM-QhHGg0ZMYYMdsrg9lXVgfbX0vBiJdmfkPsysr3nNZQNxShUHNgxJX_HOpom2X2L1NW3hz_EzXw-Vt-j--B5mpy62fidBVT2xSRZZ7ArJ00aQFL-cJFJDjf4PQggdvBmNiuazYJLY31AkZFwpKymgc5ud7iUa2jRBBm8ZG9WsCQU-VfnwQMB8wNCJYEGCgZYkhTUOgtQrPNnlSdS6XeUb1g3thqSh4lGpMac_obxVKPS2n9NkxhHsktayR9JSfxtLRe53Po6xybbssrIKN7kzwlGeYA9s1vWNf43-LU5MKpEN9vf74vtTeEJmXJVRHoOSyJGqs6-Q69DGkXM62Dj-0WrATWju8867mpCRaXZGdTIE4_-S-esu6_eEY6dP_bJj__u6sw_gzfX1TWEjJ-RNfEv5PFkLDIZ4ns-EaBi3lcPtH1OgaIlvjxVmZcE7UEfCIEaFoil1Zz-eXbVQ296zZcOAbsmsoIJMUF5kjwovhianpHSY5l6cyhFkfjxDjcFYjcsGJ6IBBE-rlAxgwwFoUU2Hc3HW9mq5nDU2L6b3ZE7Nh9g17qXj7DK5THfHm5w0uf3GXDwR_fgzQpBcsloCYkIiavGf2FUwG8fwZKaygCQN2OtTXJWXaMBPotUjtl604UDlKMx8zj6JNmQXqJfbqlfh-5CoDndo75X8c_ujZBtCpETDD5u-WiEDlsNG5jTXSGZtP0xLDG9IINlk-SahXfH0TtqpnI0mF5wtfhw5wSuRra3N6gGVxkE-kuxUO-Ht9BsD-MlO2No3fyrlsg2WBs3a-8M7t8GeC5Pts00Fbu2sPO-o-LCqem-ICY_JJrrC_zpkDWRqOPuzbtQ7rdB7wmFjY_yPOVfJEeAytVqduS_bVZ6t-PIegyxWRy66rtyPtcQfHe5QKkqcn2IVmo9rYMALAOC7IBcJ649QtpO1L_jREBloiRbC_Smld5h5maUe2LsDLyPX01hZ99yz9G4CjEGdAQzQZ7AsyEZzMVkn0DewGTnVVbX593RhwNRrjO5DpxfT3s_Yf7ZTl2jv_W833DO12LS6qY7fCSeHI5B5ZWaRHSy_Gg5p9DhplROFbxXIwm8zLNLI0Ip9qJg4itxPyh4EEB2lLEGnFmh85FQkjUPmG-Bd9nm_ot3MjZSgusn1UUNjJGbWDeeFHpbM5lkPfRuZ1e5Nnuc-hrB3gEekNFrJTCgr7kRuW3KlDZRc-Gq_5LuZtN2kBHiXwoyk4CuLqrIPyDkbB3w5Boz0TRWc77i0NwPlZyNy5qOaQ_OIb3PqJ2vOKcACwCiTUtXj1zC_kRvZjHbIfFadyeon247GcNLRVXKDuWyRhGR4yg3TzN3C3ehxUiau4T8sTUav1t5U7pA7UwUMQfmHYlI19HWT3IjRJA67IV-WgqaClWEOiHxDFeCPByBWxRqtDBRaYCKOnPOvZH3KFqQ-bQz4PghAKzNfWQlTg5uLYy84QKLKkCYWvATsROeAD3ffSuMeObntgtcSvzfAhC5azUsDTjRq2qpw5XG55mvSh262s3r3VOboKJ7x1RhPP40-GD-cDgtIEQ_0cjIwcUnTZZ6kND7564m332UuVwfdhiHsHNICOy-vNwRBybQa3zhRnpmSAznA_QYqeupRbJ6BVIo97aaQaVyb_utT35K0UK4AcwEfoHv9pgrmerAaL7JT6VY9QOYcbQIDPqUpL-SHeGBus6WTHP4-jll02tbuY1MhXdpqF0mqP3T8Ui-vjAe9oWBURd8owYfcUx_V6zaSFfWMstEQED8vk1Nq3Op1o81LwSSTmCMtmOTVzica5MQa0ehRM5potkzq7BQCxCHC42sR6UeIacjFhJAh2uEnnRYVIFbfbzzoE3s9y5CGWKia9VJXZZa-QFbMIzLsZ3k6MpYUo6Hm0NDgW4pio2txaIK0SnEjZafLqjU6ZL9CaJhAJTCcMzkV6Aapw_djusOG1UI_V-3eVzwykjMo9vugPsMa8akUigAuRa78FEU-AOCdnZc41Yao8Kbe6rAuJZRW3vsE19f0Rz-7EhWmsUO50Pc9aIlFZzzul6q5DF7FG4S1t9bSJBqXQliDNz8YTDf1_wm-Z-1uEsqmrK0pZfXwbpBMXv0WpQ6JTUBGaOJVQ32dMFIckj2cjCHvZolEKbPFSt5D7fx5tQrgnQ16FdCMP2GzZBzG9o1MHUCugzRZRTBFNVZcoz9eKoaI4kbMDLuduamh_6vE1zWXrKRRNq-bIP_NwX5dlXOylpq7Wyv_chHqjjf8-PifcepTiPW2FjVF_lnN7hTtNNlqNIM3DLBHMSgNdN7qn9dTz6ICv87qz3ppjb4w9heIEh5-nhBRj4MyNmfmsMsDsigyebPubnda95HrABE-9QNxTtQmJTY_1_Rcvt1FiParHtFK_1HiyGBTictcZK2yugTUwY6Hr6UlP7MHj4xavdY9QO__R91W7z5UAKVnUIRTGHUbgQ9jna5hDsUyaLhG7L2JKHy6ER4e04cvQlIAFRv7rz56IFSbuP_R9ZvqaHSsk0GcRKHV6hujUD8KXuzbLAEvfZLsXX8cu24f9GwuybDnH2P72oW5labgnMRxBKvo4liQOzXtChZLK6J3oiJUz3tejmv1VPIGFeoS84in_DkFwnJlMMZpDvcSJO8RS5CnlKpYxKEuBt5dtCsYu6Ity6InBES3OMusmPDQoCa_L3JaKfaUJ1ld33ykDnpCmLm4igiZlyzuxECIY0F4EZqdW4fhY9cESamfPA0QRRUbzz8cpQ1ILxukpNQx5PKhDuqTRJ6mE-Y2dZGUgzWPV4OPyIvE_fRaOsXN0QXeCD3ro_SVyau-ynxE-9-czGP4lpk86JPQhTnExzzpwbZlNU_wgFjvN86Rh_de8YUw8-sBqBpcCbRmziYBTvverjHHlUfjLK_uxTovuborMQtSPmPhfo1GN2n2mQ3qSUukaBNIzZVU1fsST6ysxneiibga1ho_ROIzeIZgeGix_sQumsX_JElU6Pu__2ZPfgAOyXs_j4EsYo_kQ4CUgrinjR4iXz6XMKcj8-YhLEtPbulcjtCngqncCBIPulsX21cwIxkyYZi1HOAn56Z67q6s-tDhRg3t_9SrUaGuiAN9_chqzv7qTiGt1co0cXj9oNyw0Br0HDqOoOopdnF2zHqdvOOwLWMaZhxMH0LOJrT5ARhUlyzUNIfekNpBaf7_Pkd_5cqGLbTrkGemi9hDYmtruIbz4PCVYbNSHmn-fKvmT1dHjzlbeRkHG_rQXOHhnBEZGEoanP9yIlERa8CStFdEcnf2qtOVah0QTVZ-5Nf97lyLEKkctROZPUWjThVV0MHaxnKp5ceyP7GhtPHr9VU9Q_l1gKQiCXa0wg9FiDdRq-L1fIiiMP9QnQWSPPXNcM2N_4knnOeUdLEsvxbLyT1B3_zwqFsBdfiszHwoIvW7BpRb_QZYdaPKFmH-bbm8U9zqWttiud57e2FxboS5M9QwbH2olv9WzUutGhFF6dSBxkmEce5OtGz6ST-leVytdUt9VaWnnCdt5B7MGVTBXJsWCqDjQZoLer55P8sLtQC6QqzACViKv5FSzvQHLeXMXRjAQtBI8woMBBRt77CFJ7NleZpDNPvH3QEOSTWhlzwm&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=841462217446813000&adk=2086295851&idt=212&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:25:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88813
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:25:04 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame A557 12 KB
4 KB 60ms
18ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1692331516052873&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCy-om_O3eZImdA5SJ1PIPwP6UgAOm5b2gaa2VnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOgBT9C_XoYu7G-bGCbZeuMXgFpiic-KM_8uSigsQ6ehuNM3FlwaRqDcXB762WlyR40SpqVeCkLLII59-KIh87sUrI2orJOrOClbwo11FLh-oBkZwkai50LPzfZ6C5rMBIV59aTkE_4Q1cVGgo3GtBNSxyodV_PH9Glr1tFQL5HJtVMYKB3-km18owC8Fl6Kz_mykt2uhP5eJqfDf56w4m3Y61GwddY2easx8tBmrosXmd1FvD_z39qcGz8y5G3gG-7-r5B_0j23x0PF809JAhsmOVXGKue7LOfwlLhl1weU4MXr2WFA8ypnm8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIiYvtlqrlgAMVlARVCB1APwUwEAEYASAAEgL3q_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_1bmYJCH99QapHqXe6-F-MX-V37Fg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AMx8RdeaYG5Df1jiPguNuq2JWzXZWlv5Fgq-All6tm50T42-CXOO85MBTK95TJGgLhy05KeuPR21DjPO_Rx-O24D5PzJNYaf_H6D4rFFbPBaiKSA9xj1obM5dK_EdgCn9NM5ihQmomMVIn00I1Hw1Mx053C-DIdIaBVzcMF0jovuYpvOs%26cry%3D1%26dbm_d%3DAKAmf-DuE7z12jJIZXqyXqxOoTVCCa0Ihq2aIZG2hKTvVVhk3-LP9MXfvYvWYHthZYBbHEJKg0BpgVlys_c2wFsnDDdP3Rp6XhpBuCRGVjoAQcqwM3U6luhJxd2wrwqIwUkf0lTVJFepN2AqjfMYoOFGinWsCViAtw2KzND6zUYOwoUvFuI4_McJrXgS4LX8zOeHDuZPQxcoA1HH3ClzETd576Y_Gnrb6fMdFN818XQ-2SpDw161JE65kC3l1Mk7uf9O7ZJZjFZ7-bFUkIdYhFqNqmdcNqeFFlDmLzvZhuxMIl6324DwOYX4C66U-0byH_laVaB5gxovvd1aX7pEgkJ4deCw7VNqJ3DU7IM3z8TsG6CyhNUfR8LcEeur0kSdkWwbRXDpkxIV4eX8zTkdGed3SSEkIpdvg996zqrvag8svGH_RRY5BZ__k5SU3-gugkSJygSDq9FSNQIXaq1ZXb4e2Xvh3DjH7iw4Kabi8-5xhfatH-W9g6H7aOjaNOm_K81bPCZQF_Ro0NMHRbEI4j-aJUZtjqEmVy1F7wg0qefcsaq9377sIjFEN0zPR-ZqO2vkTAhx7oJiM5FHF9rOs86plmza7nVxiv2_vEwd_S2x0g7SbO97yJa842DYWZJs9ifladuQO8YM%26adurl%3D
Requested by: Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4379a58fae27fa220743ee7deaae24348756e9533f33b5f68b65b078bc004d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4251
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK e95xao572jml Show response
hal9000.redintelligence.net/zone/ Frame 7688 12 KB
4 KB 56ms
19ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/e95xao572jml?subid=&gdpr=&gdpr_consent=&rnd=1692331516052870&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbmdj_O3eZIadA5SJ1PIPwP6UgAOm5b2gaeWYnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOUBT9DnH5nodRcF0KismTZQFOLQDy55t5nk2fgmLT-diqaIGuKw-mTvYLK98iC8ewzQkiiWFzbbyNZx53LFvTRh6ORqW35wc1RIpMC9gOaqZKKw4zy6jQ2lTZ_1JlMh0vGXWdtN-TLtBASqDRyiWSsH2NlcQwPlXW2rngOZJ1DhEXXN2E2TCVE8hJFfLEZ24ozA-SOIvmSk7roDr75iDKAwGJvL9PCciLZps1CuPcOJtQbcwnpj6gJknSp7ODQWLafcI80dxkw_qyM5hyrILxf8gfJBNahk86WwdiVktSAztVHxdO_Js8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhovtlqrlgAMVlARVCB1APwUwEAEYASAAEgLjufD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_17qbb8uRqX7DIe7lS5g_xlTdkZpg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Aq7pu4YxTjOvQLb8OIB7SRcVUNgKJSdctZY3Yyb6oDBULLAJYqwdP9jBtPfZUWv11fUAJ7sVtO3VES2K5y2xIjVe-VwTqkYQRuiOAZL75rM0TnWeCw6wIIqWAXflCKse-vxdK6f3LAUMr7sINCX8Ksk1Jd8UpssX4xTXY66vk1pdJGUrA%26cry%3D1%26dbm_d%3DAKAmf-BbXNbLureQoYXcho0a5ZvRBzIzerjuS7HLNGStOKmahBcT1OEmP1JObFErH1jymH2i_PdyLiQ8CKNuFuWxeEdfNVx-h8CtBo1AjyavAkJlTO38FqXd71Rwdob7kX8tdmQVFM8FaqdX5Je0w14wYYPchm-Qvx5RfR8Gf7BLKS61XMfIx-6oJHZmxMhuXgFEkKYIerAUTU3aZHA0_TXcE6zm1gFQdsHOiR7D9aAxuP5DyOxqn95q-Dr7cGK_u_e25VWrXE1yurQqqF3gPyWNCUIKw6cXXQe6qwISecyDL_ffKLurHO0N-oVaPDmD9EejSkCknEhmYLKVB_y8O_0KvSXoxJSqxA4B1STJieRsQx4FeVNxo8-phzL7I9VvEQVzhh3Ix2pURNCaA8pnKrFQDOh046KRSPwC9d_j7kjZqb4RYUQ2kJpcIKoh9v3CJlv7g40a5ot_56RCPYfEKTvnQ1MChxcIdys1rpFm2BuhHPzzTakdgHzQ2eRWPl5O7axq82GfD1FleinvEjZQ2HBX9KHjiEx6Llb2wdHP5e4Lmh3nDdN-kNLlZ7WmK9uOdIyL5pD0DbcXzQt7UqM450YfBLbvLHMlmwZeRBA8VAh7eWzJFeBWvWxqWhTpvzKARO7UpKuaJ_Vj%26adurl%3D
Requested by: Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 022a5e7f09721e9daeb038d0573f46a3acafdfd8dc6109904ecdf450f85d9547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4246
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame E7E2 12 KB
4 KB 55ms
18ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1692331516052875&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYE-E_O3eZIudA5SJ1PIPwP6UgAOm5b2gaYWVnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOQBT9DhEaT1R6FsDXHuQ2KxuQJT5rNm3XGkOekCKzalccv6jOled8rAGHGWv1P3p5thpKe5M2A2Y71sMUmOFttANbR1QYwBKZDPI8aUxHNEB5Eo31Hmph_TwX_ox3AqusWI94varDIeNYhmNYUXrzwX-nJXPW-Ovltj7M9jdlJvtmHWNgDvsYewuOlODWYAJEgOjknnIw5JpJziIcCOn6Dom-jmZTZXkFu9uDBZIvhRQSGhR-A_UrTWip8C60Y3yA0Kdx9D8Wac5sFaOisVr82fz9-CvHLUFaHLHBJ6sExXH-5IsE3SwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIi4vtlqrlgAMVlARVCB1APwUwEAEYASAAEgJnr_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_2a98sG_hTWzjta2FmmKuM1p-3Q6A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AmZnStis0gaHGBwByDciZMPFFZDWO-bTdDSrWSMyNC6hAf21o6VAqKR8tVnlMcQhyGyUMp6NG0ua7mRUyWp085lKM_1vP5kDPQCy76tzC9JhiZLEfGmisQGC-4CMfrGW5Xv-ua-Vhlh3emo0q9tKWYC3xkRHTZF8vjjC-3dvXd74nH7KI%26cry%3D1%26dbm_d%3DAKAmf-COUWCmL0yq-0F85Gq98kYgnHQ4I-mfKxA9FkKwK6JFhkt5IUV54aVrtWrM1DrYAUNLWtBxrEmhp0ToC2YpdHaYBtS6KaR8APpMYgUl1Zou77qxwmrNhI6SNEDYPDJ4uI5q9aj1ce7MaZ2DQc24ObBlyyZ_obowSD5GWI0D5kVSG-EI8NRxGAIu7qx3eAW5plVQC52NCYEMn5PV37T_d96CSWCjz-IB9ZuPivoyGQIeDF0CQBY8WrBk4hYAd8RNVs3xNsHnrMlZjy8cP0nAPTC4OF2ChFuDpRUpzyokVqwvTf72FOPXcin321GIBN88FLv3tOVvm4xPWFhZ74VA7JQUSmKhEvrdUvyfeCQiLukBYXVMUGr0OFb5ozvEZEiY6RNGYbAMtVf4nX7XY4htGzyXf3tTwfG97RWw7ir4X9_w_GZ48Rev_UnUQYWrbehTBJ3wGGav2wfRbcFBaGSWpThvVlzE6SpjaTSDTDy4WOmvKz5lLdN-HJ4TcLC0DbZbwLuNY-KHpk0iTn9I6oaEZixFXSrTxSHzRn7SfXc1OtCpd0zItx253tInHOH-nCpvjN895rFVhT4FPXaX6tO-oZLpDWYcxsVSnSgOpuvMTiLLZIs7KYqNPVc_iM27OCvcMjWYo8Cs%26adurl%3D
Requested by: Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 23a31e5de65c32f33a5fc62d890de75b4793686fd883696dcb0da15ebd456131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4246
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6493879008008578228/ Frame 9571 28 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dd0461220c3fe1a0946011521aa8e2160e59b4248f069b31552e15943c5478c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 61219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5393
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 11:04:58 GMT
expires: Fri, 16 Aug 2024 11:04:58 GMT
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7073955107534177015/ Frame 05EC 27 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ff4dc66fd6532e1fad835ddd8dd2d5bd85bf16c8446917b35cba94f9ba3fdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 60944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5302
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 11:09:33 GMT
expires: Fri, 16 Aug 2024 11:09:33 GMT
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B15F 0
0 55ms
53ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvs7dpK5Vhv0lh5zTjK7ZZJ6i3fTZPlAhIujevi3E4g5yvFL3mirewWIS4ExgRib46YGW-LNDI_S00grodY6JAMA81KBL2QN8IhRM4KO-SGWXgh-ciYH3V4JLn60i4CX1nPeet7p2C1vVvm_3sb49kOE_Y8O2yg-cLQorp5kw49FpEWVuKY06t7o6r38kb_XlLoPzF_UzZCt59Q9V2jY9KT1w7mUkfuUDB5uKSzpkW_5Zs7MXxLI8Bise6nPAAfvffn3qQ_kuEiCODon1dFt3VLOmOasl_wHKagu4nhzTqzxbIIV2LVYe0I_q3TkihB-EaYItwSOy6PJ5GXv4_auknuiOxEnfxAEsuLTrQb1oEHtk37Ts6tf7OOalt6ZEyxDcY4-jvn86paQIUbsMMSILMzAQnVie6rPZBEnbYiAT1IuHAJ2cwoZtAzdY2M2gR2jJfoX9eKdw6BjL4tJ1-XTje_lpTUpudCCSSvW9NGnAl_a5SFyFSX9KhNsWAcfR3DW2YTCsChf91_3avn918ysWlZGfVud_GdLI5QZEwXuY8x2cayKvVNLjxQBvg0TwXgfILqB-CtI6HQmJ7FJWOlMACt30a72otB9qBxX0w--a8lpCpYgUY1hzUW74SZNOaVlzIO5Tek4N4rB5NgM1GugDLZzc645epFvi1KyCnH09ppIj45u2wJ1-tPxU2p4akK1oXqk2xGa_sRm7O3KB3i4oiIEkfqT9NzTIqz4QLkG4IykptWOmUx8GAdD3YOUei_z7bgfL936Zo1PcJ4PTizhrlA3K4yoGRim7TwZlvS1DKpaVVcnAjj3ShDJHO4vPA86CmidsgPVi5u0qkK3WFW6T5R2gRXbHjyhqVuoMHbvHvxAK4fInKu0hcbseeAJBM3Htvg70GG2OvQ6EwHotCHjljDGwQg3fukNlkqzvEnAPRgunwYYHF8f3E2UuvfyG29ixI86_3Fmnf4D3eqeekInregpxThXKojE6iJWXt7N6eFytTQjY7n4ktM3UBn6SqSgAwf_xW43RRhhYLWOdk7ueIm9aaoGHCGOYaYEBp0-Sxk-UZFma6Z1HUguTJBo7y5PHOxf8_l32fvC4fRKuC137E7Pfom4F4Mv4kbmjjJqIhgDKaCsXfOVl2WabayML76Xie_zUoxtLZChMDd5reTNDvpQXUv5HGDnpqyrP5-IPF-eUD5HI0qHFqlez_d0rF9iXQZz-F36hjbKZCZ_vi3-UV1DH8uGzOBhu5C72XnieBSZLhDhZpt-arZZb4PHg&sai=AMfl-YQvvwaYRuC_qqW87R6DPYyE4v2_KOxMZBXyCDBIY_2ZO232P7sAQbj13eaKM66y_5AG3qAaLF0yz_0pcMXeYqg0haMCJUgZ1Ji272gSncWpgVZKHHrqOS6sf3N1HEuH-uxfTk7dCzuJO82wYx7DIGnaiJbFYBS3ego2tYHj0DqB3HygDAH6-mW_1xew2v0XZ0_DUtNgbEhSwy7kGJN7OwmzWXxAFN2U_z_Kt6Q61c-rGbZq-opPUn5LFUMsRFRwuP-CxMTwCmWOyuL8ZpghilN4yBsUzWlTcK9R5QCyqjVWXcQqcUy8RlsBO38&sig=Cg0ArKJSzJagYxVXC-TpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=138&cisv=r20230816.79021&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:17 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12691273737138261013/ Frame 5620 28 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e68ab091dcaac5da2cf84298622805b8a9a002137b779a0416c8358ceaded22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 61452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5415
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 11:01:05 GMT
expires: Fri, 16 Aug 2024 11:01:05 GMT
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8F3 0
0 54ms
54ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpDGeD5zoprZ_sY7Byq2xeGayvU0uFoRbG-BCgOxs6VYn9XktmSe-Z5YpFyB2LO7moqvAiAiTGEJI_6v0Rgyz-zcJyq7m5x5N_QXhtd5PeHYcZn6tiWpRRerbBF93t5gMgezMmRcPN7am78aScT-2gtciRuYdWu2QREaQvHLor35xaRSjPPQrNcx8k6Ck7PLlahjJMg-n7hxBbZ_fDoF1zYMsqingAp3vLuuf8-2cVPPVcaZkI-RS4mgiOMU3StxAN6592wgO45VrAdpyeZP90HlhOwN2loFxC04GpK1DqERi-NXhlJ5DY_0CZ0VDiB_aa1N9Gsoe1oZdlisypmAh4w9mRkfCTizVNVeK4gfHrr7J6FTI7c9c-yQVjtPSZWhFrFsHfv0LZFHSke45edlmFt0x4JqhbAV7EPTym9fQEuPis4in0mKCWZ1EVCLrwmrhLlPbsZ0RC-6UPTIWg2AGnGPjf10MEVA5Tjg8fe02_hOMNVv3xd_v__PyR7d7tYgG8T4sCW-fyxO025ajACvicbFZLPVpuRsrm79jZ5NT5TRwZR4hTi8FRei7GS3iqebx86Gs78HEC9KYVUPLAzJIoX3c7l7pCgqpGd0R_4W-Po_7EhB7aVULE-fxtXz4-1JyMkUTSD4Rw4BSBtRHtvevsmcm6GMO4Tg8fDDhNCCeVvqmskBYtY4zTWdjD_zln_-omRsj2FT4F7HgxLai2K0g0hFRexaUoiAqSUxxVCshj4XTGSw9o0gTD-ATCUST410pIFAFSzPxF8_MpOqCeZlaH6_7BIpdK3dxRczIMD1FJGKsytG24mQFlBFPECXQnDsEGWNPguJA-l6xCwchEUoYuci2B8_uOjqAVTiIYFTGlsLcfMuLZaSuKeFN7TeberZ8BRMiH9TgzP_q5KVNByOEPmGAxqO0REpswKvu5qUOvC3Ksohi0nb6y3pXGME_KAzzth_MzgDgv5C2C35e9r58R8tvjPm6cREgaXmYuAnRmZ2tNntvC7E6S5okGzup8Hc4GTrTCw7DX42XMaRLiL9XKRk_QVlhcht0nu67q3LYIj0J3IA0yWz6TsiCTuRIDFoQAGNtrGWn-fGU_it7Z4EUm0kG60CMYktvz6oh4eIOH7_6R4hgHTKHPQihsJm9_RliTpMhzl5c0AgumUR3SYvVpzJcughx-TJ6EMCouvT9zZL8CqCPRO7kANdHSGiSiAN2ZO_wlDxIl1cK_LZQ23T0dqDN_9tVXtuC3xlE3Qz5SuZmjR4WRQKIFi7LaMkkd6Q&sai=AMfl-YRwY0ocGpmqPRlueK9AyM-PybnGK9eT7RYL6ajuJkiq9G8IIJEOPuLYk8juccnPKByCEPzDz5hbt1sJAiUALTafKAZlhwbI6aQqHllf3HYsuR0oluGQ2EVzAPncUxKtxayLUgx8U24E5rORRYLtTbh4TYPprdof1dpuF9-h9dMDOoJKQvj9C2l6jgibzC2r8qHvQda7il7JplfBNhxyQ37ZBfdRL-5DeKQplx26vS4xnpr_cD0LJdIxhocHOhqx5T3eRWPVg4P_7HIPYDoMG0VTdAfVaBk6NU6K2RwHmBid4XZ1sQlHk4jumDw&sig=Cg0ArKJSzMfyG0M33ztZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=150&cisv=r20230816.08737&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 18 Aug 2023 04:05:17 GMT

GET
H3 200 cc6b3873eb176a8a951ef41188915745.js Show response
s0.2mdn.net/sadbundle/7073955107534177015/ Frame 1B8F 131 KB
37 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38112
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 cc6b3873eb176a8a951ef41188915745.js Show response
s0.2mdn.net/sadbundle/6493879008008578228/ Frame 9571 131 KB
37 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38112
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 04D1 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 67EA 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc6b3873eb176a8a951ef41188915745.js Show response
s0.2mdn.net/sadbundle/7073955107534177015/ Frame 05EC 131 KB
37 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38112
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4ADA 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A3B2 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 190740797d80b1049e624ef11d8e67ae.js Show response
s0.2mdn.net/sadbundle/12691273737138261013/ Frame 5620 131 KB
37 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/190740797d80b1049e624ef11d8e67ae.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b78f9af2b63768474e2dff1a73b9ad3a7a31b158cc7395afc55f86725e75a150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38114
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AB5F 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 03:37:44 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6938 22 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C19C 22 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Aug 2023 22:18:00 GMT
expires: Tue, 13 Aug 2024 22:18:00 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame A557
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95a918b35e&subid=&uid=4de14914390e3d84&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95a918b35e&subid=&uid=4de14914390e3d84&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

161ms
126ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95a918b35e&subid=&uid=4de14914390e3d84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCy-om_O3eZImdA5SJ1PIPwP6UgAOm5b2gaa2VnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOgBT9C_XoYu7G-bGCbZeuMXgFpiic-KM_8uSigsQ6ehuNM3FlwaRqDcXB762WlyR40SpqVeCkLLII59-KIh87sUrI2orJOrOClbwo11FLh-oBkZwkai50LPzfZ6C5rMBIV59aTkE_4Q1cVGgo3GtBNSxyodV_PH9Glr1tFQL5HJtVMYKB3-km18owC8Fl6Kz_mykt2uhP5eJqfDf56w4m3Y61GwddY2easx8tBmrosXmd1FvD_z39qcGz8y5G3gG-7-r5B_0j23x0PF809JAhsmOVXGKue7LOfwlLhl1weU4MXr2WFA8ypnm8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIiYvtlqrlgAMVlARVCB1APwUwEAEYASAAEgL3q_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_1bmYJCH99QapHqXe6-F-MX-V37Fg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AMx8RdeaYG5Df1jiPguNuq2JWzXZWlv5Fgq-All6tm50T42-CXOO85MBTK95TJGgLhy05KeuPR21DjPO_Rx-O24D5PzJNYaf_H6D4rFFbPBaiKSA9xj1obM5dK_EdgCn9NM5ihQmomMVIn00I1Hw1Mx053C-DIdIaBVzcMF0jovuYpvOs%26cry%3D1%26dbm_d%3DAKAmf-DuE7z12jJIZXqyXqxOoTVCCa0Ihq2aIZG2hKTvVVhk3-LP9MXfvYvWYHthZYBbHEJKg0BpgVlys_c2wFsnDDdP3Rp6XhpBuCRGVjoAQcqwM3U6luhJxd2wrwqIwUkf0lTVJFepN2AqjfMYoOFGinWsCViAtw2KzND6zUYOwoUvFuI4_McJrXgS4LX8zOeHDuZPQxcoA1HH3ClzETd576Y_Gnrb6fMdFN818XQ-2SpDw161JE65kC3l1Mk7uf9O7ZJZjFZ7-bFUkIdYhFqNqmdcNqeFFlDmLzvZhuxMIl6324DwOYX4C66U-0byH_laVaB5gxovvd1aX7pEgkJ4deCw7VNqJ3DU7IM3z8TsG6CyhNUfR8LcEeur0kSdkWwbRXDpkxIV4eX8zTkdGed3SSEkIpdvg996zqrvag8svGH_RRY5BZ__k5SU3-gugkSJygSDq9FSNQIXaq1ZXb4e2Xvh3DjH7iw4Kabi8-5xhfatH-W9g6H7aOjaNOm_K81bPCZQF_Ro0NMHRbEI4j-aJUZtjqEmVy1F7wg0qefcsaq9377sIjFEN0zPR-ZqO2vkTAhx7oJiM5FHF9rOs86plmza7nVxiv2_vEwd_S2x0g7SbO97yJa842DYWZJs9ifladuQO8YM%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1007000029181&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 059af83c697d94f1234ab0142c52ace71912799f50d435c3a973c914fa0fa281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 47310700009529404444554012420024
Connection: close
Content-Length: 893
Expires: Fri, 18 Aug 2023 05:05:17 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:17 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95a918b35e&subid=&uid=4de14914390e3d84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCy-om_O3eZImdA5SJ1PIPwP6UgAOm5b2gaa2VnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOgBT9C_XoYu7G-bGCbZeuMXgFpiic-KM_8uSigsQ6ehuNM3FlwaRqDcXB762WlyR40SpqVeCkLLII59-KIh87sUrI2orJOrOClbwo11FLh-oBkZwkai50LPzfZ6C5rMBIV59aTkE_4Q1cVGgo3GtBNSxyodV_PH9Glr1tFQL5HJtVMYKB3-km18owC8Fl6Kz_mykt2uhP5eJqfDf56w4m3Y61GwddY2easx8tBmrosXmd1FvD_z39qcGz8y5G3gG-7-r5B_0j23x0PF809JAhsmOVXGKue7LOfwlLhl1weU4MXr2WFA8ypnm8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIiYvtlqrlgAMVlARVCB1APwUwEAEYASAAEgL3q_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_1bmYJCH99QapHqXe6-F-MX-V37Fg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AMx8RdeaYG5Df1jiPguNuq2JWzXZWlv5Fgq-All6tm50T42-CXOO85MBTK95TJGgLhy05KeuPR21DjPO_Rx-O24D5PzJNYaf_H6D4rFFbPBaiKSA9xj1obM5dK_EdgCn9NM5ihQmomMVIn00I1Hw1Mx053C-DIdIaBVzcMF0jovuYpvOs%26cry%3D1%26dbm_d%3DAKAmf-DuE7z12jJIZXqyXqxOoTVCCa0Ihq2aIZG2hKTvVVhk3-LP9MXfvYvWYHthZYBbHEJKg0BpgVlys_c2wFsnDDdP3Rp6XhpBuCRGVjoAQcqwM3U6luhJxd2wrwqIwUkf0lTVJFepN2AqjfMYoOFGinWsCViAtw2KzND6zUYOwoUvFuI4_McJrXgS4LX8zOeHDuZPQxcoA1HH3ClzETd576Y_Gnrb6fMdFN818XQ-2SpDw161JE65kC3l1Mk7uf9O7ZJZjFZ7-bFUkIdYhFqNqmdcNqeFFlDmLzvZhuxMIl6324DwOYX4C66U-0byH_laVaB5gxovvd1aX7pEgkJ4deCw7VNqJ3DU7IM3z8TsG6CyhNUfR8LcEeur0kSdkWwbRXDpkxIV4eX8zTkdGed3SSEkIpdvg996zqrvag8svGH_RRY5BZ__k5SU3-gugkSJygSDq9FSNQIXaq1ZXb4e2Xvh3DjH7iw4Kabi8-5xhfatH-W9g6H7aOjaNOm_K81bPCZQF_Ro0NMHRbEI4j-aJUZtjqEmVy1F7wg0qefcsaq9377sIjFEN0zPR-ZqO2vkTAhx7oJiM5FHF9rOs86plmza7nVxiv2_vEwd_S2x0g7SbO97yJa842DYWZJs9ifladuQO8YM%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1007000029181&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 18 Aug 2023 05:05:17 +0200

GET
H/1.1

200
OK

request.php Show response
hal900030.redintelligence.net/ Frame E7E2
Redirect Chain

https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=b8e883a2b9&subid=&uid=61af113ff704d6a8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=b8e883a2b9&subid=&uid=61af113ff704d6a8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

99ms
77ms

Script
application/x-javascript

136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=b8e883a2b9&subid=&uid=61af113ff704d6a8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYE-E_O3eZIudA5SJ1PIPwP6UgAOm5b2gaYWVnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOQBT9DhEaT1R6FsDXHuQ2KxuQJT5rNm3XGkOekCKzalccv6jOled8rAGHGWv1P3p5thpKe5M2A2Y71sMUmOFttANbR1QYwBKZDPI8aUxHNEB5Eo31Hmph_TwX_ox3AqusWI94varDIeNYhmNYUXrzwX-nJXPW-Ovltj7M9jdlJvtmHWNgDvsYewuOlODWYAJEgOjknnIw5JpJziIcCOn6Dom-jmZTZXkFu9uDBZIvhRQSGhR-A_UrTWip8C60Y3yA0Kdx9D8Wac5sFaOisVr82fz9-CvHLUFaHLHBJ6sExXH-5IsE3SwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIi4vtlqrlgAMVlARVCB1APwUwEAEYASAAEgJnr_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_2a98sG_hTWzjta2FmmKuM1p-3Q6A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AmZnStis0gaHGBwByDciZMPFFZDWO-bTdDSrWSMyNC6hAf21o6VAqKR8tVnlMcQhyGyUMp6NG0ua7mRUyWp085lKM_1vP5kDPQCy76tzC9JhiZLEfGmisQGC-4CMfrGW5Xv-ua-Vhlh3emo0q9tKWYC3xkRHTZF8vjjC-3dvXd74nH7KI%26cry%3D1%26dbm_d%3DAKAmf-COUWCmL0yq-0F85Gq98kYgnHQ4I-mfKxA9FkKwK6JFhkt5IUV54aVrtWrM1DrYAUNLWtBxrEmhp0ToC2YpdHaYBtS6KaR8APpMYgUl1Zou77qxwmrNhI6SNEDYPDJ4uI5q9aj1ce7MaZ2DQc24ObBlyyZ_obowSD5GWI0D5kVSG-EI8NRxGAIu7qx3eAW5plVQC52NCYEMn5PV37T_d96CSWCjz-IB9ZuPivoyGQIeDF0CQBY8WrBk4hYAd8RNVs3xNsHnrMlZjy8cP0nAPTC4OF2ChFuDpRUpzyokVqwvTf72FOPXcin321GIBN88FLv3tOVvm4xPWFhZ74VA7JQUSmKhEvrdUvyfeCQiLukBYXVMUGr0OFb5ozvEZEiY6RNGYbAMtVf4nX7XY4htGzyXf3tTwfG97RWw7ir4X9_w_GZ48Rev_UnUQYWrbehTBJ3wGGav2wfRbcFBaGSWpThvVlzE6SpjaTSDTDy4WOmvKz5lLdN-HJ4TcLC0DbZbwLuNY-KHpk0iTn9I6oaEZixFXSrTxSHzRn7SfXc1OtCpd0zItx253tInHOH-nCpvjN895rFVhT4FPXaX6tO-oZLpDWYcxsVSnSgOpuvMTiLLZIs7KYqNPVc_iM27OCvcMjWYo8Cs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1217226070022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 1e6497cbd2dcc1e87853df3e0df5f5802cd60c3ba89c5ae79824e18a15659ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 28502400009939404444550012420030
Connection: close
Content-Length: 892
Expires: Fri, 18 Aug 2023 05:05:17 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:17 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=b8e883a2b9&subid=&uid=61af113ff704d6a8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYE-E_O3eZIudA5SJ1PIPwP6UgAOm5b2gaYWVnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOQBT9DhEaT1R6FsDXHuQ2KxuQJT5rNm3XGkOekCKzalccv6jOled8rAGHGWv1P3p5thpKe5M2A2Y71sMUmOFttANbR1QYwBKZDPI8aUxHNEB5Eo31Hmph_TwX_ox3AqusWI94varDIeNYhmNYUXrzwX-nJXPW-Ovltj7M9jdlJvtmHWNgDvsYewuOlODWYAJEgOjknnIw5JpJziIcCOn6Dom-jmZTZXkFu9uDBZIvhRQSGhR-A_UrTWip8C60Y3yA0Kdx9D8Wac5sFaOisVr82fz9-CvHLUFaHLHBJ6sExXH-5IsE3SwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIi4vtlqrlgAMVlARVCB1APwUwEAEYASAAEgJnr_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_2a98sG_hTWzjta2FmmKuM1p-3Q6A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AmZnStis0gaHGBwByDciZMPFFZDWO-bTdDSrWSMyNC6hAf21o6VAqKR8tVnlMcQhyGyUMp6NG0ua7mRUyWp085lKM_1vP5kDPQCy76tzC9JhiZLEfGmisQGC-4CMfrGW5Xv-ua-Vhlh3emo0q9tKWYC3xkRHTZF8vjjC-3dvXd74nH7KI%26cry%3D1%26dbm_d%3DAKAmf-COUWCmL0yq-0F85Gq98kYgnHQ4I-mfKxA9FkKwK6JFhkt5IUV54aVrtWrM1DrYAUNLWtBxrEmhp0ToC2YpdHaYBtS6KaR8APpMYgUl1Zou77qxwmrNhI6SNEDYPDJ4uI5q9aj1ce7MaZ2DQc24ObBlyyZ_obowSD5GWI0D5kVSG-EI8NRxGAIu7qx3eAW5plVQC52NCYEMn5PV37T_d96CSWCjz-IB9ZuPivoyGQIeDF0CQBY8WrBk4hYAd8RNVs3xNsHnrMlZjy8cP0nAPTC4OF2ChFuDpRUpzyokVqwvTf72FOPXcin321GIBN88FLv3tOVvm4xPWFhZ74VA7JQUSmKhEvrdUvyfeCQiLukBYXVMUGr0OFb5ozvEZEiY6RNGYbAMtVf4nX7XY4htGzyXf3tTwfG97RWw7ir4X9_w_GZ48Rev_UnUQYWrbehTBJ3wGGav2wfRbcFBaGSWpThvVlzE6SpjaTSDTDy4WOmvKz5lLdN-HJ4TcLC0DbZbwLuNY-KHpk0iTn9I6oaEZixFXSrTxSHzRn7SfXc1OtCpd0zItx253tInHOH-nCpvjN895rFVhT4FPXaX6tO-oZLpDWYcxsVSnSgOpuvMTiLLZIs7KYqNPVc_iM27OCvcMjWYo8Cs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1217226070022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 18 Aug 2023 05:05:17 +0200

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame 7688
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=29ec4cc88e&subid=&uid=2e2287e913203111&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=29ec4cc88e&subid=&uid=2e2287e913203111&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

89ms
67ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=29ec4cc88e&subid=&uid=2e2287e913203111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbmdj_O3eZIadA5SJ1PIPwP6UgAOm5b2gaeWYnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOUBT9DnH5nodRcF0KismTZQFOLQDy55t5nk2fgmLT-diqaIGuKw-mTvYLK98iC8ewzQkiiWFzbbyNZx53LFvTRh6ORqW35wc1RIpMC9gOaqZKKw4zy6jQ2lTZ_1JlMh0vGXWdtN-TLtBASqDRyiWSsH2NlcQwPlXW2rngOZJ1DhEXXN2E2TCVE8hJFfLEZ24ozA-SOIvmSk7roDr75iDKAwGJvL9PCciLZps1CuPcOJtQbcwnpj6gJknSp7ODQWLafcI80dxkw_qyM5hyrILxf8gfJBNahk86WwdiVktSAztVHxdO_Js8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhovtlqrlgAMVlARVCB1APwUwEAEYASAAEgLjufD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_17qbb8uRqX7DIe7lS5g_xlTdkZpg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Aq7pu4YxTjOvQLb8OIB7SRcVUNgKJSdctZY3Yyb6oDBULLAJYqwdP9jBtPfZUWv11fUAJ7sVtO3VES2K5y2xIjVe-VwTqkYQRuiOAZL75rM0TnWeCw6wIIqWAXflCKse-vxdK6f3LAUMr7sINCX8Ksk1Jd8UpssX4xTXY66vk1pdJGUrA%26cry%3D1%26dbm_d%3DAKAmf-BbXNbLureQoYXcho0a5ZvRBzIzerjuS7HLNGStOKmahBcT1OEmP1JObFErH1jymH2i_PdyLiQ8CKNuFuWxeEdfNVx-h8CtBo1AjyavAkJlTO38FqXd71Rwdob7kX8tdmQVFM8FaqdX5Je0w14wYYPchm-Qvx5RfR8Gf7BLKS61XMfIx-6oJHZmxMhuXgFEkKYIerAUTU3aZHA0_TXcE6zm1gFQdsHOiR7D9aAxuP5DyOxqn95q-Dr7cGK_u_e25VWrXE1yurQqqF3gPyWNCUIKw6cXXQe6qwISecyDL_ffKLurHO0N-oVaPDmD9EejSkCknEhmYLKVB_y8O_0KvSXoxJSqxA4B1STJieRsQx4FeVNxo8-phzL7I9VvEQVzhh3Ix2pURNCaA8pnKrFQDOh046KRSPwC9d_j7kjZqb4RYUQ2kJpcIKoh9v3CJlv7g40a5ot_56RCPYfEKTvnQ1MChxcIdys1rpFm2BuhHPzzTakdgHzQ2eRWPl5O7axq82GfD1FleinvEjZQ2HBX9KHjiEx6Llb2wdHP5e4Lmh3nDdN-kNLlZ7WmK9uOdIyL5pD0DbcXzQt7UqM450YfBLbvLHMlmwZeRBA8VAh7eWzJFeBWvWxqWhTpvzKARO7UpKuaJ_Vj%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8376611265757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 9a81b5c5dba045ac530bee37ef7d1e562a6c0a6f34db17e06a1c2fb494132260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 22987500012292504445008012420028
Connection: close
Content-Length: 889
Expires: Fri, 18 Aug 2023 05:05:17 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 18 Aug 2023 04:05:17 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=29ec4cc88e&subid=&uid=2e2287e913203111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbmdj_O3eZIadA5SJ1PIPwP6UgAOm5b2gaeWYnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOUBT9DnH5nodRcF0KismTZQFOLQDy55t5nk2fgmLT-diqaIGuKw-mTvYLK98iC8ewzQkiiWFzbbyNZx53LFvTRh6ORqW35wc1RIpMC9gOaqZKKw4zy6jQ2lTZ_1JlMh0vGXWdtN-TLtBASqDRyiWSsH2NlcQwPlXW2rngOZJ1DhEXXN2E2TCVE8hJFfLEZ24ozA-SOIvmSk7roDr75iDKAwGJvL9PCciLZps1CuPcOJtQbcwnpj6gJknSp7ODQWLafcI80dxkw_qyM5hyrILxf8gfJBNahk86WwdiVktSAztVHxdO_Js8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhovtlqrlgAMVlARVCB1APwUwEAEYASAAEgLjufD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_17qbb8uRqX7DIe7lS5g_xlTdkZpg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Aq7pu4YxTjOvQLb8OIB7SRcVUNgKJSdctZY3Yyb6oDBULLAJYqwdP9jBtPfZUWv11fUAJ7sVtO3VES2K5y2xIjVe-VwTqkYQRuiOAZL75rM0TnWeCw6wIIqWAXflCKse-vxdK6f3LAUMr7sINCX8Ksk1Jd8UpssX4xTXY66vk1pdJGUrA%26cry%3D1%26dbm_d%3DAKAmf-BbXNbLureQoYXcho0a5ZvRBzIzerjuS7HLNGStOKmahBcT1OEmP1JObFErH1jymH2i_PdyLiQ8CKNuFuWxeEdfNVx-h8CtBo1AjyavAkJlTO38FqXd71Rwdob7kX8tdmQVFM8FaqdX5Je0w14wYYPchm-Qvx5RfR8Gf7BLKS61XMfIx-6oJHZmxMhuXgFEkKYIerAUTU3aZHA0_TXcE6zm1gFQdsHOiR7D9aAxuP5DyOxqn95q-Dr7cGK_u_e25VWrXE1yurQqqF3gPyWNCUIKw6cXXQe6qwISecyDL_ffKLurHO0N-oVaPDmD9EejSkCknEhmYLKVB_y8O_0KvSXoxJSqxA4B1STJieRsQx4FeVNxo8-phzL7I9VvEQVzhh3Ix2pURNCaA8pnKrFQDOh046KRSPwC9d_j7kjZqb4RYUQ2kJpcIKoh9v3CJlv7g40a5ot_56RCPYfEKTvnQ1MChxcIdys1rpFm2BuhHPzzTakdgHzQ2eRWPl5O7axq82GfD1FleinvEjZQ2HBX9KHjiEx6Llb2wdHP5e4Lmh3nDdN-kNLlZ7WmK9uOdIyL5pD0DbcXzQt7UqM450YfBLbvLHMlmwZeRBA8VAh7eWzJFeBWvWxqWhTpvzKARO7UpKuaJ_Vj%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8376611265757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 18 Aug 2023 05:05:17 +0200

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 1 KB
642 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 7d4bab0f087eef2090a9e1d7a7de0806.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 10 KB
10 KB 11ms
9ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/7d4bab0f087eef2090a9e1d7a7de0806.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10207
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 4a36b3c3ac57aa1342d4dff68a270b57.jpg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 8 KB
8 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/4a36b3c3ac57aa1342d4dff68a270b57.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7904
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 5 KB
3 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 04D1 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:16:06 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 1 KB
642 B 9ms
9ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 35e60908e3a830df0c098dc57e9fb916.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 18 KB
18 KB 10ms
10ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/35e60908e3a830df0c098dc57e9fb916.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd02b5306f49bc23613dd599506bab5a73a3f1cefb1cdfa8c08f91cb88fb427a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18512
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 6e63dc6db0229c6b77723858da8f9e7b.jpg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 8 KB
8 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6e63dc6db0229c6b77723858da8f9e7b.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5285269c35d1500dcbd2686eb455790d6133945217bcd22ebaa42b5c30ff5e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8524
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 5 KB
3 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 67EA 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 03:37:44 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4ADA 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 03:37:44 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 1 KB
642 B 9ms
9ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 7d4bab0f087eef2090a9e1d7a7de0806.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 10 KB
10 KB 10ms
10ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/7d4bab0f087eef2090a9e1d7a7de0806.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10207
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 4a36b3c3ac57aa1342d4dff68a270b57.jpg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 8 KB
8 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/4a36b3c3ac57aa1342d4dff68a270b57.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7904
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 5 KB
3 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/7073955107534177015/fonts/ Frame 1B8F 173 KB
80 KB 12ms
11ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame A3B2 37 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:16:06 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 1 KB
642 B 10ms
10ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 da31ed3788e96cf03d1a48a187c7ab84.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 16 KB
16 KB 16ms
16ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/da31ed3788e96cf03d1a48a187c7ab84.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50a1bd531b87bf322748dbde57c9023eb9bea95bed15c35c3e06fa130443aa69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16035
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 3cacc47ba04bb023761e049580602db7.jpg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 7 KB
7 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/3cacc47ba04bb023761e049580602db7.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b8b4fb9f9509a15bcc1aae9d7bc3df6c99df550ecc3ec7a3fc1e5b83a1acd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7289
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 5 KB
3 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/6493879008008578228/fonts/ Frame 9571 173 KB
80 KB 13ms
12ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6938 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 03:37:44 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/7073955107534177015/fonts/ Frame 05EC 173 KB
80 KB 9ms
9ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame C19C 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 21:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 21:16:06 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4405 0
0 49ms
45ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvz_Z3DwyWmHgzJ7ho0MjtCo2Sl7-QYgnqVWFX1HQ_naPsljEstCLJswJB5Hi1e9ZFnTpX9eMIsEAnQl1Nn1bbKKbuYtx2rqlaMz0VQCkL4E0GCq5V9lTr2sK0HwN5l6GWaR_MVnQH0e-Hwq-oEyHDs0tjz73zzupWyoibhjRlIzd7ZEqmkTcWcu1_UYYt4iDcZW8_o89FDQY9kfFaSGVRA5hGmToH6WaM0n5bTAjyGkOHcDqctp3aFXpWDJQXRuAwaNKuPjnBsNm1O8HK6Z8BZDSHuFPnSGGl7AwnyRX8b1Rg5MB_8Co0pMPCsQvh8hmDgR_vx2gr7Ykym2VfxHw-fu-9ETgtbaH5vRz2B_gvHroCtlkN4Z8M6fIDHHzYY6DZnnNffF6QaBCPNs5olj5j5QPzeM2jxT6Fh2pRPFtdavILDrtXRGdG27aZznzEZi5fN11CAQz2w8ehop2WLiRvMjAGlOkie-ivSPwXu14HUR0bdr5BEqaHcQV012Nu3UJ6ofLXTMGehtDrblz_AiikG-fY9L9_y3Q0X4oyxU7AJayySEtSGjou_4kqpBLzXXSQDiCDn97Gln1Sllmw8hhVJMXBETVg9JsyQ5Xyv8yN7d0F2cdbFXB2nL5HT3t_Pqpx7DuxVuELaBvNq1vmRYFGJWZk8stxbLBpKxsGUzaB456fxY281Yu7AaBZY5Ia-N5F0RXyNZH2cW1R1E7ySYUT5eJrEqiTLDgUHOyepyOXdJw6qga2MwH3FYq-fLU8AiW6qljbkigFXyi8O0ZjcAi9ciSp_ZDWqBIxo98r8hgutvtcTWb_EkEjzq2UKupoGcV_Kd0Jcg-wxaCzW97S9OyG6B6us6r6QV4VqORbbDKyc5GfmBOPi7qxla2Bnea17E1KAw9eQ45witx0ILMGz9cKn-9kqnggIvrlCRy19bmT_5oRfXtkJbAhPxuw7J2ACvqtDVHx2RCPYkAOOZUD-8s5bYPRZ4V3-6nFrq8AE67XWcNRbp6HccdIFQrpVb3b3Chhky_djAnRPgbLCktYpeRK40AHkLOMkT9GfluJGXFVSPBPVR8vfJWetq4SlIQp6uyHAxgo82Pncri6Qlhi7U9le-umrCCe-q55uknk4q890EW3JLQzt-ep7re0apgLDBZqCpnU29GXtY_0sFcMpISb3zJ8E9puQ5TjBGWacyp6uhOhLp-pFgFYxNq5mUnYnJ2ezDaVO4VKDHwIHJC2N14zsXpR3ZtN5zgYt4kZDn-bsVyAsdMh9FB1&sai=AMfl-YQqwM1BoRIyjjinuMf5_qem4GmD_Vj66OymO4m9Z3xm0tuTUAlfP4SWj1B4qgjW4dvXpmCjxMse62wgT4uVKqCC8STXuq6LSTOgs0hGUv2kLtF8GzvZ-upqyZwD2_bFQynjSPFMofgYOjFv3hDvu3jfBtouhRgzaVTt_f_B3NHesxSBnutYzA3BL4EVkFTia2FbOgHn_xe8fO5oFZMvQe2lAxt8vmgr5o8ZA5Cj7UbOjKw_I44bfV7RIOlwUAlIUK30X-7i01NSZhILR-1Agl5gJghSUaOsZJEmiXBbTx7czE_LXoFlkXyc81k&sig=Cg0ArKJSzMFUNEGuMe2OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=467&vt=11&dtpt=247&dett=3&cstd=217&cisv=r20230816.51507&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 18 Aug 2023 04:05:17 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/12691273737138261013/fonts/ Frame 5620 173 KB
80 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 1 KB
642 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 5 KB
3 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 d39bc38b8e1b6d2ecf4f73f6f40ab434.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 4 KB
4 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/d39bc38b8e1b6d2ecf4f73f6f40ab434.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3654
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B15F 0
0 46ms
45ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvs7dpK5Vhv0lh5zTjK7ZZJ6i3fTZPlAhIujevi3E4g5yvFL3mirewWIS4ExgRib46YGW-LNDI_S00grodY6JAMA81KBL2QN8IhRM4KO-SGWXgh-ciYH3V4JLn60i4CX1nPeet7p2C1vVvm_3sb49kOE_Y8O2yg-cLQorp5kw49FpEWVuKY06t7o6r38kb_XlLoPzF_UzZCt59Q9V2jY9KT1w7mUkfuUDB5uKSzpkW_5Zs7MXxLI8Bise6nPAAfvffn3qQ_kuEiCODon1dFt3VLOmOasl_wHKagu4nhzTqzxbIIV2LVYe0I_q3TkihB-EaYItwSOy6PJ5GXv4_auknuiOxEnfxAEsuLTrQb1oEHtk37Ts6tf7OOalt6ZEyxDcY4-jvn86paQIUbsMMSILMzAQnVie6rPZBEnbYiAT1IuHAJ2cwoZtAzdY2M2gR2jJfoX9eKdw6BjL4tJ1-XTje_lpTUpudCCSSvW9NGnAl_a5SFyFSX9KhNsWAcfR3DW2YTCsChf91_3avn918ysWlZGfVud_GdLI5QZEwXuY8x2cayKvVNLjxQBvg0TwXgfILqB-CtI6HQmJ7FJWOlMACt30a72otB9qBxX0w--a8lpCpYgUY1hzUW74SZNOaVlzIO5Tek4N4rB5NgM1GugDLZzc645epFvi1KyCnH09ppIj45u2wJ1-tPxU2p4akK1oXqk2xGa_sRm7O3KB3i4oiIEkfqT9NzTIqz4QLkG4IykptWOmUx8GAdD3YOUei_z7bgfL936Zo1PcJ4PTizhrlA3K4yoGRim7TwZlvS1DKpaVVcnAjj3ShDJHO4vPA86CmidsgPVi5u0qkK3WFW6T5R2gRXbHjyhqVuoMHbvHvxAK4fInKu0hcbseeAJBM3Htvg70GG2OvQ6EwHotCHjljDGwQg3fukNlkqzvEnAPRgunwYYHF8f3E2UuvfyG29ixI86_3Fmnf4D3eqeekInregpxThXKojE6iJWXt7N6eFytTQjY7n4ktM3UBn6SqSgAwf_xW43RRhhYLWOdk7ueIm9aaoGHCGOYaYEBp0-Sxk-UZFma6Z1HUguTJBo7y5PHOxf8_l32fvC4fRKuC137E7Pfom4F4Mv4kbmjjJqIhgDKaCsXfOVl2WabayML76Xie_zUoxtLZChMDd5reTNDvpQXUv5HGDnpqyrP5-IPF-eUD5HI0qHFqlez_d0rF9iXQZz-F36hjbKZCZ_vi3-UV1DH8uGzOBhu5C72XnieBSZLhDhZpt-arZZb4PHg&sai=AMfl-YQvvwaYRuC_qqW87R6DPYyE4v2_KOxMZBXyCDBIY_2ZO232P7sAQbj13eaKM66y_5AG3qAaLF0yz_0pcMXeYqg0haMCJUgZ1Ji272gSncWpgVZKHHrqOS6sf3N1HEuH-uxfTk7dCzuJO82wYx7DIGnaiJbFYBS3ego2tYHj0DqB3HygDAH6-mW_1xew2v0XZ0_DUtNgbEhSwy7kGJN7OwmzWXxAFN2U_z_Kt6Q61c-rGbZq-opPUn5LFUMsRFRwuP-CxMTwCmWOyuL8ZpghilN4yBsUzWlTcK9R5QCyqjVWXcQqcUy8RlsBO38&sig=Cg0ArKJSzJagYxVXC-TpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=393&vt=11&dtpt=254&dett=3&cstd=138&cisv=r20230816.79021&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 18 Aug 2023 04:05:17 GMT

GET
H3 200 7d4bab0f087eef2090a9e1d7a7de0806.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 10 KB
10 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/7d4bab0f087eef2090a9e1d7a7de0806.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10207
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 4a36b3c3ac57aa1342d4dff68a270b57.jpg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 8 KB
8 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/4a36b3c3ac57aa1342d4dff68a270b57.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7904
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 1 KB
642 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 d39bc38b8e1b6d2ecf4f73f6f40ab434.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/d39bc38b8e1b6d2ecf4f73f6f40ab434.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3654
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 5 KB
3 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 1 KB
642 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 5 KB
3 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6493879008008578228/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 ade14ddece1fb96d3c38225539814db6.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 6 KB
6 KB 7ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/ade14ddece1fb96d3c38225539814db6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

703912524593a505b4b2e4380556ad8eb04f5bf22b2c57474f57e1928d473fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6377
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 7d4bab0f087eef2090a9e1d7a7de0806.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 10 KB
10 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/7d4bab0f087eef2090a9e1d7a7de0806.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10207
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 4a36b3c3ac57aa1342d4dff68a270b57.jpg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 8 KB
8 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/4a36b3c3ac57aa1342d4dff68a270b57.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
x-content-type-options: nosniff
age: 60944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7904
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8F3 0
0 45ms
45ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpDGeD5zoprZ_sY7Byq2xeGayvU0uFoRbG-BCgOxs6VYn9XktmSe-Z5YpFyB2LO7moqvAiAiTGEJI_6v0Rgyz-zcJyq7m5x5N_QXhtd5PeHYcZn6tiWpRRerbBF93t5gMgezMmRcPN7am78aScT-2gtciRuYdWu2QREaQvHLor35xaRSjPPQrNcx8k6Ck7PLlahjJMg-n7hxBbZ_fDoF1zYMsqingAp3vLuuf8-2cVPPVcaZkI-RS4mgiOMU3StxAN6592wgO45VrAdpyeZP90HlhOwN2loFxC04GpK1DqERi-NXhlJ5DY_0CZ0VDiB_aa1N9Gsoe1oZdlisypmAh4w9mRkfCTizVNVeK4gfHrr7J6FTI7c9c-yQVjtPSZWhFrFsHfv0LZFHSke45edlmFt0x4JqhbAV7EPTym9fQEuPis4in0mKCWZ1EVCLrwmrhLlPbsZ0RC-6UPTIWg2AGnGPjf10MEVA5Tjg8fe02_hOMNVv3xd_v__PyR7d7tYgG8T4sCW-fyxO025ajACvicbFZLPVpuRsrm79jZ5NT5TRwZR4hTi8FRei7GS3iqebx86Gs78HEC9KYVUPLAzJIoX3c7l7pCgqpGd0R_4W-Po_7EhB7aVULE-fxtXz4-1JyMkUTSD4Rw4BSBtRHtvevsmcm6GMO4Tg8fDDhNCCeVvqmskBYtY4zTWdjD_zln_-omRsj2FT4F7HgxLai2K0g0hFRexaUoiAqSUxxVCshj4XTGSw9o0gTD-ATCUST410pIFAFSzPxF8_MpOqCeZlaH6_7BIpdK3dxRczIMD1FJGKsytG24mQFlBFPECXQnDsEGWNPguJA-l6xCwchEUoYuci2B8_uOjqAVTiIYFTGlsLcfMuLZaSuKeFN7TeberZ8BRMiH9TgzP_q5KVNByOEPmGAxqO0REpswKvu5qUOvC3Ksohi0nb6y3pXGME_KAzzth_MzgDgv5C2C35e9r58R8tvjPm6cREgaXmYuAnRmZ2tNntvC7E6S5okGzup8Hc4GTrTCw7DX42XMaRLiL9XKRk_QVlhcht0nu67q3LYIj0J3IA0yWz6TsiCTuRIDFoQAGNtrGWn-fGU_it7Z4EUm0kG60CMYktvz6oh4eIOH7_6R4hgHTKHPQihsJm9_RliTpMhzl5c0AgumUR3SYvVpzJcughx-TJ6EMCouvT9zZL8CqCPRO7kANdHSGiSiAN2ZO_wlDxIl1cK_LZQ23T0dqDN_9tVXtuC3xlE3Qz5SuZmjR4WRQKIFi7LaMkkd6Q&sai=AMfl-YRwY0ocGpmqPRlueK9AyM-PybnGK9eT7RYL6ajuJkiq9G8IIJEOPuLYk8juccnPKByCEPzDz5hbt1sJAiUALTafKAZlhwbI6aQqHllf3HYsuR0oluGQ2EVzAPncUxKtxayLUgx8U24E5rORRYLtTbh4TYPprdof1dpuF9-h9dMDOoJKQvj9C2l6jgibzC2r8qHvQda7il7JplfBNhxyQ37ZBfdRL-5DeKQplx26vS4xnpr_cD0LJdIxhocHOhqx5T3eRWPVg4P_7HIPYDoMG0VTdAfVaBk6NU6K2RwHmBid4XZ1sQlHk4jumDw&sig=Cg0ArKJSzMfyG0M33ztZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&vt=11&dtpt=337&dett=3&cstd=150&cisv=r20230816.08737&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 18 Aug 2023 04:05:17 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 1 KB
642 B 6ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/190740797d80b1049e624ef11d8e67ae.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 5 KB
3 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/190740797d80b1049e624ef11d8e67ae.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 f96b1a490dda2f2b2367b9a0eb7a4039.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 7 KB
7 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/f96b1a490dda2f2b2367b9a0eb7a4039.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14045b1e42485d4b7ab414732eef9cb5e242d6e348047317a6b0855bc5d07bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6924
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 da31ed3788e96cf03d1a48a187c7ab84.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 16 KB
16 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/da31ed3788e96cf03d1a48a187c7ab84.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50a1bd531b87bf322748dbde57c9023eb9bea95bed15c35c3e06fa130443aa69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16035
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 3cacc47ba04bb023761e049580602db7.jpg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 7 KB
7 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/3cacc47ba04bb023761e049580602db7.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11b8b4fb9f9509a15bcc1aae9d7bc3df6c99df550ecc3ec7a3fc1e5b83a1acd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7289
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H2

200

activityi;dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637 Show response
5994599.fls.doubleclick.net/ Frame 7AF0
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637?
https://5994599.fls.doubleclick.net/activityi;dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637?

391 B
285 B

52ms
51ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637?

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

1809c31a2f8cc12dd01d8adb7a6467d00044769d7d62a0565c726cb48889955b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:17 GMT
expires: Fri, 18 Aug 2023 04:05:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame D7BF 7 KB
3 KB 33ms
11ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=22987500012292504445008012420028&a=a65ee92a
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=29ec4cc88e&subid=&uid=2e2287e913203111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCbmdj_O3eZIadA5SJ1PIPwP6UgAOm5b2gaeWYnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOUBT9DnH5nodRcF0KismTZQFOLQDy55t5nk2fgmLT-diqaIGuKw-mTvYLK98iC8ewzQkiiWFzbbyNZx53LFvTRh6ORqW35wc1RIpMC9gOaqZKKw4zy6jQ2lTZ_1JlMh0vGXWdtN-TLtBASqDRyiWSsH2NlcQwPlXW2rngOZJ1DhEXXN2E2TCVE8hJFfLEZ24ozA-SOIvmSk7roDr75iDKAwGJvL9PCciLZps1CuPcOJtQbcwnpj6gJknSp7ODQWLafcI80dxkw_qyM5hyrILxf8gfJBNahk86WwdiVktSAztVHxdO_Js8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIhovtlqrlgAMVlARVCB1APwUwEAEYASAAEgLjufD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_17qbb8uRqX7DIe7lS5g_xlTdkZpg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Aq7pu4YxTjOvQLb8OIB7SRcVUNgKJSdctZY3Yyb6oDBULLAJYqwdP9jBtPfZUWv11fUAJ7sVtO3VES2K5y2xIjVe-VwTqkYQRuiOAZL75rM0TnWeCw6wIIqWAXflCKse-vxdK6f3LAUMr7sINCX8Ksk1Jd8UpssX4xTXY66vk1pdJGUrA%26cry%3D1%26dbm_d%3DAKAmf-BbXNbLureQoYXcho0a5ZvRBzIzerjuS7HLNGStOKmahBcT1OEmP1JObFErH1jymH2i_PdyLiQ8CKNuFuWxeEdfNVx-h8CtBo1AjyavAkJlTO38FqXd71Rwdob7kX8tdmQVFM8FaqdX5Je0w14wYYPchm-Qvx5RfR8Gf7BLKS61XMfIx-6oJHZmxMhuXgFEkKYIerAUTU3aZHA0_TXcE6zm1gFQdsHOiR7D9aAxuP5DyOxqn95q-Dr7cGK_u_e25VWrXE1yurQqqF3gPyWNCUIKw6cXXQe6qwISecyDL_ffKLurHO0N-oVaPDmD9EejSkCknEhmYLKVB_y8O_0KvSXoxJSqxA4B1STJieRsQx4FeVNxo8-phzL7I9VvEQVzhh3Ix2pURNCaA8pnKrFQDOh046KRSPwC9d_j7kjZqb4RYUQ2kJpcIKoh9v3CJlv7g40a5ot_56RCPYfEKTvnQ1MChxcIdys1rpFm2BuhHPzzTakdgHzQ2eRWPl5O7axq82GfD1FleinvEjZQ2HBX9KHjiEx6Llb2wdHP5e4Lmh3nDdN-kNLlZ7WmK9uOdIyL5pD0DbcXzQt7UqM450YfBLbvLHMlmwZeRBA8VAh7eWzJFeBWvWxqWhTpvzKARO7UpKuaJ_Vj%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=8376611265757&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 098ae1e1a8e076a07d6eb36650c63679ed40a26637839c123288b88128e01f66

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2295
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Aug 2023 04:05:17 GMT
Expires: Fri, 18 Aug 2023 05:05:17 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

activityi;dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32 Show response
5994599.fls.doubleclick.net/ Frame 1A65
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32?

390 B
324 B

50ms
50ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32?

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b98ed8acb7c128aef357317a0d401ab9c18cbc05366e791c9b968e156c882e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:17 GMT
expires: Fri, 18 Aug 2023 04:05:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame 269B 7 KB
3 KB 33ms
12ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=28502400009939404444550012420030&a=ee0df00e
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=b8e883a2b9&subid=&uid=61af113ff704d6a8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYE-E_O3eZIudA5SJ1PIPwP6UgAOm5b2gaYWVnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOQBT9DhEaT1R6FsDXHuQ2KxuQJT5rNm3XGkOekCKzalccv6jOled8rAGHGWv1P3p5thpKe5M2A2Y71sMUmOFttANbR1QYwBKZDPI8aUxHNEB5Eo31Hmph_TwX_ox3AqusWI94varDIeNYhmNYUXrzwX-nJXPW-Ovltj7M9jdlJvtmHWNgDvsYewuOlODWYAJEgOjknnIw5JpJziIcCOn6Dom-jmZTZXkFu9uDBZIvhRQSGhR-A_UrTWip8C60Y3yA0Kdx9D8Wac5sFaOisVr82fz9-CvHLUFaHLHBJ6sExXH-5IsE3SwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIi4vtlqrlgAMVlARVCB1APwUwEAEYASAAEgJnr_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_2a98sG_hTWzjta2FmmKuM1p-3Q6A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AmZnStis0gaHGBwByDciZMPFFZDWO-bTdDSrWSMyNC6hAf21o6VAqKR8tVnlMcQhyGyUMp6NG0ua7mRUyWp085lKM_1vP5kDPQCy76tzC9JhiZLEfGmisQGC-4CMfrGW5Xv-ua-Vhlh3emo0q9tKWYC3xkRHTZF8vjjC-3dvXd74nH7KI%26cry%3D1%26dbm_d%3DAKAmf-COUWCmL0yq-0F85Gq98kYgnHQ4I-mfKxA9FkKwK6JFhkt5IUV54aVrtWrM1DrYAUNLWtBxrEmhp0ToC2YpdHaYBtS6KaR8APpMYgUl1Zou77qxwmrNhI6SNEDYPDJ4uI5q9aj1ce7MaZ2DQc24ObBlyyZ_obowSD5GWI0D5kVSG-EI8NRxGAIu7qx3eAW5plVQC52NCYEMn5PV37T_d96CSWCjz-IB9ZuPivoyGQIeDF0CQBY8WrBk4hYAd8RNVs3xNsHnrMlZjy8cP0nAPTC4OF2ChFuDpRUpzyokVqwvTf72FOPXcin321GIBN88FLv3tOVvm4xPWFhZ74VA7JQUSmKhEvrdUvyfeCQiLukBYXVMUGr0OFb5ozvEZEiY6RNGYbAMtVf4nX7XY4htGzyXf3tTwfG97RWw7ir4X9_w_GZ48Rev_UnUQYWrbehTBJ3wGGav2wfRbcFBaGSWpThvVlzE6SpjaTSDTDy4WOmvKz5lLdN-HJ4TcLC0DbZbwLuNY-KHpk0iTn9I6oaEZixFXSrTxSHzRn7SfXc1OtCpd0zItx253tInHOH-nCpvjN895rFVhT4FPXaX6tO-oZLpDWYcxsVSnSgOpuvMTiLLZIs7KYqNPVc_iM27OCvcMjWYo8Cs%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1217226070022&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: ad0924e0461fa8f01d5588d37fae87c6e645449e70e6c7cfbc399e5c5faeabdc

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2295
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Aug 2023 04:05:17 GMT
Expires: Fri, 18 Aug 2023 05:05:17 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 7688 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 196114f36b6a99e2eb4c071504ce5b267d485c6252b09ede4e776195becaaec2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

activityi;dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878 Show response
5994599.fls.doubleclick.net/ Frame C28D
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878?

391 B
241 B

53ms
52ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878?

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

f63d19b9a342ae543d008110fb42dad5eff8dc1166623e855b1495adeaf06d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:17 GMT
expires: Fri, 18 Aug 2023 04:05:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 80EB 4 KB
2 KB 55ms
21ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=47310700009529404444554012420024&a=81fec6fd
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=95a918b35e&subid=&uid=4de14914390e3d84&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fad.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCy-om_O3eZImdA5SJ1PIPwP6UgAOm5b2gaa2VnKfJD_AuEAEg3rionQFgleKQgqAHyAEJqQKzF9owuj6yPqgDAcgDmwSqBOgBT9C_XoYu7G-bGCbZeuMXgFpiic-KM_8uSigsQ6ehuNM3FlwaRqDcXB762WlyR40SpqVeCkLLII59-KIh87sUrI2orJOrOClbwo11FLh-oBkZwkai50LPzfZ6C5rMBIV59aTkE_4Q1cVGgo3GtBNSxyodV_PH9Glr1tFQL5HJtVMYKB3-km18owC8Fl6Kz_mykt2uhP5eJqfDf56w4m3Y61GwddY2easx8tBmrosXmd1FvD_z39qcGz8y5G3gG-7-r5B_0j23x0PF809JAhsmOVXGKue7LOfwlLhl1weU4MXr2WFA8ypnm8AE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIiYvtlqrlgAMVlARVCB1APwUwEAEYASAAEgL3q_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ%26sig%3DAOD64_1bmYJCH99QapHqXe6-F-MX-V37Fg%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-AMx8RdeaYG5Df1jiPguNuq2JWzXZWlv5Fgq-All6tm50T42-CXOO85MBTK95TJGgLhy05KeuPR21DjPO_Rx-O24D5PzJNYaf_H6D4rFFbPBaiKSA9xj1obM5dK_EdgCn9NM5ihQmomMVIn00I1Hw1Mx053C-DIdIaBVzcMF0jovuYpvOs%26cry%3D1%26dbm_d%3DAKAmf-DuE7z12jJIZXqyXqxOoTVCCa0Ihq2aIZG2hKTvVVhk3-LP9MXfvYvWYHthZYBbHEJKg0BpgVlys_c2wFsnDDdP3Rp6XhpBuCRGVjoAQcqwM3U6luhJxd2wrwqIwUkf0lTVJFepN2AqjfMYoOFGinWsCViAtw2KzND6zUYOwoUvFuI4_McJrXgS4LX8zOeHDuZPQxcoA1HH3ClzETd576Y_Gnrb6fMdFN818XQ-2SpDw161JE65kC3l1Mk7uf9O7ZJZjFZ7-bFUkIdYhFqNqmdcNqeFFlDmLzvZhuxMIl6324DwOYX4C66U-0byH_laVaB5gxovvd1aX7pEgkJ4deCw7VNqJ3DU7IM3z8TsG6CyhNUfR8LcEeur0kSdkWwbRXDpkxIV4eX8zTkdGed3SSEkIpdvg996zqrvag8svGH_RRY5BZ__k5SU3-gugkSJygSDq9FSNQIXaq1ZXb4e2Xvh3DjH7iw4Kabi8-5xhfatH-W9g6H7aOjaNOm_K81bPCZQF_Ro0NMHRbEI4j-aJUZtjqEmVy1F7wg0qefcsaq9377sIjFEN0zPR-ZqO2vkTAhx7oJiM5FHF9rOs86plmza7nVxiv2_vEwd_S2x0g7SbO97yJa842DYWZJs9ifladuQO8YM%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1007000029181&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2469a12844df2786fd75e6fcc5bca7093c8b01d7585bd4ca6376b2b2a2500bd4

Request headers

Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1500
Content-Type: text/html; charset=utf-8
Date: Fri, 18 Aug 2023 04:05:17 GMT
Expires: Fri, 18 Aug 2023 05:05:17 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame D7BF 89 KB
32 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=22987500012292504445008012420028&a=a65ee92a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:46:53 GMT

GET
H/1.1 200
OK S-320x480.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame D7BF 80 KB
81 KB 61ms
17ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-320x480.gif
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=22987500012292504445008012420028&a=a65ee92a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 41d2b9e4024405dbcba3d806a1cb5f2bdcc5882d59b8ac60023b7bcb2a9e0a8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-14156"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 82262

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 269B 89 KB
32 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=28502400009939404444550012420030&a=ee0df00e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 17:46:53 GMT

GET
H/1.1 200
OK S-728x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 269B 24 KB
24 KB 59ms
18ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-728x90.gif
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=28502400009939404444550012420030&a=ee0df00e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:29 GMT
Server: nginx
ETag: "5b55f201-5f90"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 24464

GET
DATA 200
OK truncated
/ Frame A557 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86099660b15c636252f4433967ef961ee95f2b2cf4468f466b9c9b858602eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 80EB 70 KB
71 KB 54ms
18ms Image
image/gif 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x250.gif
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=47310700009529404444554012420024&a=81fec6fd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-119bc"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 72124

GET
H2 200 dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32
adservice.google.com/ddm/fls/z/ Frame 1A65 42 B
401 B 66ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLDUzZeq5YADFVwFewodm4QMkg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9499452244257.32?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637
adservice.google.com/ddm/fls/z/ Frame 7AF0 42 B
107 B 67ms
46ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COvTzZeq5YADFagTogMdQggOfA;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6978281399097.637?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878
adservice.google.com/ddm/fls/z/ Frame C28D 42 B
107 B 55ms
45ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNf6z5eq5YADFVUOogMd9J4M5Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6589618366142.878?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 80EB 0
150 B 52ms
18ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=47310700009529404444554012420024&a=6ada9627&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=47310700009529404444554012420024&a=81fec6fd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900024.redintelligence.net/request_content.php?s=47310700009529404444554012420024&a=81fec6fd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 80EB 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 370B 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 03:13:04 GMT
expires: Sat, 17 Aug 2024 03:13:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E683 829 B
1 KB 76ms
55ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f2c6f9be096ca5105c72777c4ec0b0f66ca647ab684df53dda841f31a64884b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MrwU2GvAeJ0Va-Ycmglm0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-MrwU2GvAeJ0Va-Ycmglm0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 04:05:17 GMT
expires: Fri, 18 Aug 2023 04:05:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame D7BF 0
150 B 34ms
12ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=22987500012292504445008012420028&a=b121a884&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=22987500012292504445008012420028&a=a65ee92a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=22987500012292504445008012420028&a=a65ee92a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D7BF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame 269B 0
150 B 47ms
25ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=28502400009939404444550012420030&a=abc73ac1&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=28502400009939404444550012420030&a=ee0df00e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=28502400009939404444550012420030&a=ee0df00e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Fri, 18 Aug 2023 04:05:17 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 269B 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB5F 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVaVL_O3eZO-RMNyl9u8Pvoqn6AwAAAAAOAHgBAI&bg=!e3ileCzNAAZGPLJIZjw7ADkAdvg8Wg3yGAJHzvKFfJggvwh2lD7SUxuRbcOJ8bjRnroBSXF4I95MjoZNU4bbcg090FIymlk-e9cCAAACB1IAAAAGaAEHmQMeGGoiVG4M60_rmOzx3f6SFVwXPBVx4t5sRrcYUfOsjkXDBZYWHTbxaWYUxK1nAb4O3aiY2o4bUtnd1ZFlChl1pGQxuE7aqgmwQFX_CvAmhk3jXdwhyRYolOcRpo3IfEPbW1jLpmWwNUteZa-6zb1dS8R4hGVCdEs0NoV8cCuy29nhLqQRBelN9sIh6yY5yZzvT9v3tNnPHYXCkizOWpJxUQfarXFzPDojxeFexkuT_1j7p2apoQRJvNqXVJKTri4haAfxM_-n3MBMWwjvxQDU25ca5ZV_B9QbDVP1g2G-OdsAmlOaaba6gwpvJ59XVrBlJCq9VK7dUuKqhW0efA9dUVy2rGW5JX-Rp596eGtSmKipDu6XhGN-SdqgqccahlJtVS136gOQ0JxH8X-LVFgldaCfVNTcAS5A-_ZyRWc7qU01PiTO8OfV81F74kKhSOYi3NPybMV1ZBiPiMkyvTowdi3-DvRgG6n_onMP_Lr8gbZCuGLbxGfVrKa5hT4wUbYKQFbA4sY1RI2vWuj0xbb0S_niWr6HE696kmulAqJUdq7Pah1tZ9COJSXrYqiQNBRKpc0M7GO8lncTKbUObe58vOHNfeVKqVCpr_L8h6zk1GQcOLhf2TlYTSzDW9lj57wry9FJdLIWZlKaLwDzdogccUiCeNY8eRP0RK-craxuJDhIN-Ow96uOTGKkltDJCtsl-4HrfpoKEWJ3n02BQ1uJoBXpO6vLfNlvyA_GDeu1PCNIONTf3U4iqIJ-EuIH3G9INddh4vCrSw_c5MVGjMI8IH0Oq2CJin61qbMYLKKNI4F6G24pyJk_zV1-axOdWNn8rsxgXVlIBSJY3D2k8WT0dU5PUb7qUxVxUA3op6uY90_vBTWi8fFHAAmL7PrgMrR5QzxhulThtD28sM8AGs8fTSU-eapxGZP6FoYnl3Ll4mfiuMQ62KF-h8tsJVX9GcKxU_ggfE_20DAGJeTrVcmt-knpH6i7pMSVSONVpvX2gWCgeIsutyDAbBvr4djqDuVhVWEHKyeDkDaWFsrJHH80RJg2r9a90dQSHX69HolP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4405 42 B
174 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszeSo0bdCDlOHeDmhK-EvL8hUM2nyPzoit89tHiB8uR4B_8mROC4-m6fxgrnrdmuAtK1A3I-sxYzT0eljI0KIZgRWOtT6ShzvZjY_vOSUDSxFCr5ZwIlnzguLJ46GSBeIHYdyjnHvUEfJC&sai=AMfl-YRzos1Ru78MSZySvsjmJ8OyE3TnvuTBBl2imEHHQ54Bo2q38njfFI-GcHCuKsKoHdUeRbj0pa5mtyAtWx4-aJeZICY9uE_rYXerOzuoEdH4w4AvTJ9lyd1yITGQEK-Ltd14Qkvr9PcqOs4Tig&sig=Cg0ArKJSzGna8888AY-XEAE&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&id=lidar2&mcvt=1046&p=75,436,165,1164&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=299942153&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692331516474&rpt=428&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67EA 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB9mv_O3eZMiKM_C39u8Pr-e0gA8AAAAAOAHgBAI&bg=!hoWlhdHNAAZGPLJIZjw7ADkAdvg8WsSPslqawtP68u64HN5ncHj1K1xumJvuKHnTL9nrYLDuC4LT-TYcd0lVQfWjbPV-_ID97RUCAAAB_FIAAAAFaAEHmQNbpE91JtYa5gQ-RknvUv203Z1IBwiAYt72VySE-TWBXtcwD8whnr4buMeBwQeRPZPUvEYXeMGdKZ7JrlrC0Fh22ryFE4ygvNpmUlfIA0eUKadzp2Bpd_lTgjDmuj53LkEQmR0dK4O9qF6j7t6Vpw72CBvKW7MEFBifE2D0RQm7eFJYwnoLbdOW2rJmAHKsnLx3GGIpRuXC-22URSNwKTNHO7kDufJxB3ymZb_qFTdKHqQeireIdlKY1joHsG3-PxHEmEJsp1MnUjdU92Ne3ZD_axwnjGaNrQUB0WMNXXvlzOelF2SR9gMkcqIhyNAWKa6CobasTZE76qJQACn25Y5wu_UqBvGHTSPu0aOKbz88Ayp5Z459RjaZJWJDJLqVJY8Xns8jzrqnVM5PPdhmc1QbI_SrKM6G7Sx-Ld_4OLJloFp32kqIlRY4RLdGfsIYejtZgzME_Z_QiiQFOuNOm96oNquW1cGhYCqUp3w5urELFLXiUonCj28hnCxs4z9thY0TYPu3EBVQKV7NRJ4DstvFv0kfFu5la4Hv9ru4JKhAE43HIpQWVz6oJ_oA7sxzgQ7CqGXifZnngR8gbivPhJF1nNhptFAla_V0uDNLkE9qRlbbRMRsjnYplbZfbdO8_TDvaVulWEAHSOsfb_fWW4lAIZHRh2ledU1U3MG4FbS0Nq8KyVlmUuHz6sUkep7CU66vm54LKgzOUM_0FMY7ar9_ibT1sBVf57g2IuXv0gara6xBWtcuF_2o4NQ62yrW8AxzocWC8NF1p_atL_JwgTQ6yu6Nt4hIB25NXMr4nehgywDaWg31qS3BebzlDLv2NCUDrcfFJxlgwjEZm1609Gz2YofkstoTPj81kXW6f2YgwUvYgbjEZSOURrEtpjbPvj5trVheBAvuj2tZT4tfKDzc1huB7-VUNkkBMMNUjNUgJa_B-B7XDZIrAiMaum4fpg07g8xA6qTNR8Joma_CK5pLRjpb2nt5QmYRbg0WvdZoOecTJCqna1EFbBUF3p1WhAvi1HF2WZRWtZ8rsm9ZCph1yMohURZUUD0cZfHX1MOerKp_gF15HD240za9BaeJikX6ONZL89muIRu-XIXS5kOrsir_34qVIJMH6mZRcnE732ghwnVhfDPhfkN6ew

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4ADA 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6WFv_O3eZPCwM9fA9u8PrLS9sA4AAAAAOAHgBAI&bg=!YWKlYjbNAAZGPLJIZjw7ADkAdvg8WleeiJQk22bYwtOhBeFsagJQ8torTLIO8esGzmJdFgzLUCS5hg9mmoKSPLa7P16mWKVnC48CAAAB7lIAAAAEaAEHCgBqlwC4gPFYKndKz7ukjZa0JkUw7sYnU9c_0-6awT2yLwn9rQwCFjfir9yT7EfAQPS2tbd5EOkO5CvOfJ7cgqx0FamSqe6IBecxKgZlRlWvzfXZT8M1MIfxbtQgkporDWdaz729wfmNw9KBTZkDCXl-rEe71sp4wU4NYwmwmfcBZLOzZ0uS1WKxqWH9isl83B2bnvBsBG4Y5bjAEbfhAH58EoUQcJ0yN-ZlLDvo71uaJYDcR7-66EssoKlzPzw8ffEnTDHr61jxnQzoHQHTEAcRIdN_Vy-3nPO471SUxkZ885sXVQW0HfPaYr0832D_RUhaBIrmDB2Hp1umZLnI9Wh6kah0cfnlcw8gxd-IbQKWfpCVjQ2AMEuQTXrvIu1JN52w-XF5Eq78z0hkxUoNz9NnLsEM1Cdo7-lg2txE2Kb-zXkIs5Bu_Bmh-0TxrET9PG_NFYWwM8DKBuVzpfitgSMYwwryIXJapFHSb9vWKU2EBAMZ2dyQTfr5A7Lm2ApCG7yW7xGFNzRdzWoCnr0DB6GHQzxjRrP0bGxUjFfCpFuF0KaaGsLM7uP4XGlEacQg5FRbezjATyF2ATyib09vpw9ZWr091Ot9O-daFfRIrK8RTSmMTNxsi5DIBKFJq-lKQGk4ZhCQDUFmCcFq0XyfQk3ICUuKaLaZDL1bMFTIVcIjE-cn_GBqH14L4MDKNrREqb8MfLqRKcdgkMsX2mCLxLN0vt6GMksTek-WNUkGOwWFyDnB7ze-CgF0yRj3OB8iDuW5w8AkoOfe1N4XhloTN_NMUBiF3wfM1L5A2XFeXATUFbQT0yRIqFOkV2UqgWbZLADWAjBaHIBEtoFoL6E-LV-m4Agc7-qp7erFF6NrpG3oHirYtRqg-tBN5OnLyQnQhanZfiNX6_hP522F7yuWNEWUSgHMAi5IAkTs-37xvy2pPy3wUruIc1ukN0XWqz3PnaQyiifUrJh_8lEoodk75ncvN8U2AjqOecS_FEIwzSkBPNMmh8gK5YlBHGojV734Zuc6BvrCp4mMybJjyHsYF6QUTzckkHFeRl7XheYyk5iphD1mIF7w_j-v1AlHd1AmAVgeYXD4kPgFHzugq9Xir5Zi93FoV3lD2V_JAsK66sCz9508uxqAyYOlVSF2dEI2EqlhJKVHKxMFMFX0tYOYPxiozp4gnjeyrA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04D1 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWp5T_O3eZLulNqyXjuwPs4q7-AcAAAAAOAHgBAI&bg=!iYqlit7NAAZGPLJIZjw7ADkAdvg8WizmXIGm-8rcJx6Ee9G_nkGTvx0vjfgMxgxogn491GlUaqXOgObc6Ms_GvzP4mQc8qz4Il8CAAACTlIAAAAEaAEHmQMVlzzdTAA6nkC72fLW5EgLvU3nSjYkZ1bqA_w9ZRRB0_BxNh9r7Tlpws8K1lkX_zhXAWQn3VaEMC_oVb0E85iSXJo3ynwmQ1P1DIP1_lp6BGmaxCQaCeYPn-vDf6GcxDb7YkfuXhcrFpfhIjqWQ2HoBM9Rj_JcWpbtE0jByqfapcjeWTZpThPWIb2lwsSXQtzjET3gbxdlYd0pygZj41V-luw56-SwLK124Rkj5ruxOWVAKhUXNe4eg0kcyB5jbuzosH32TBzF6SxyK46Hy4DcQDLOLGRnU0Iewr9xehECJLZyiqncSTbUzrzOuDmWapVZpg4xVYAhXpWtI5Aw7U07ZCAqIfv_b4b_Xqpe874KUw5NdIVQaxWk4Ju5ZTGVMwIZFefIh7iTih4h0ciB6P0X-hMZDSouvrbLkEKdQeYNN3lkuv3hN1fCffWIqpg8NxBADqKoPeS5ehE3kwye7eGN0SZunjGL2kwR7eQaPZspXNR6k-v-oxPJp6G0AJuD8PCvs43uHZm7USkhPEfnsqlFtLmbVoVAEQWe5FWRocYoU_K9muU9gwmOyuS9CeexnCLVkXZ3m987qUtIVIeOc79jfLsQhVNW-62gEsIl09ALnMSuUseBJ44B1xBwzX9chu8hEVtcGXSzhADsKQcR1Zawl5ahq00zg1hpVrVHT95qcxgD9XRcyUYO2kOvAhQ4yY_oS3Iggjznl0i61uyl1JxLbJr5tdaAoY-G60ajAryyImUAEL_NS_U7xHXO8b1AnTCUqhbh8fTFemFkIq1sDF0bEVV747cj4k874CGRwC00vA9yev_VWqN8NeocrB6m2UL-n5jyXODzt_aGuPOAB5OwIIkH2MtwG1dkC_iRH0r-A3wgL89wQ5OM_lZmT_Ry2diPVOL3Y4URH_AUSBJNTstsgVnP4-yrUipjDYj1wq5uK_k_IPaKrHQgVHZyvT-K3bJtQfqDxNRpP04Wnm949PBdKPk3amo0XQZnuo5usszxlqNv7BOAkoEFrIGedvvNpcvfSLmf8BAoiH6x_sUB44rbQuZl4QuF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6938 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAqZC_O3eZOrbM5LC9u8PgqeZgAYAAAAAOAHgBAI&bg=!mpmlmc3NAAZGPLJIZjw7ADkAdvg8WuKThugPXlVvXdylgWXysZ4qW86Tf3aRLrFHPjONw2VOS5Wxh64GFGzzTenOXN8Mp0NwuzECAAAByVIAAAAFaAEHmQNVjDaL6yvFwnwnCUu8ZOIvbkm9uU7lp2j00tPX7v44uDfBBc40QyEl2W1PDHZvcg2RFtv196erMcWPIpOBUTtKVztM2KjgWxqLAaiDjD1wR_RSyMp2TUQihHOIEnmd1ovj3J0ZKGkj32Flgaurb2gdyHGJz_PNl4jVjJra9gnau2d1oFC2cfioqmJ-l55b8FLUEXSc1Jp6zBjvKGj-A46UGbeZ3gs_srhmlyD_hMv3p7AxngMPXcO_vtSRQ87UbzSbzyGyUbiE1IfolQF3Rh6MqknhchE1JnSDmnNyP_-K1cL-5bT-9jfYIXboWq51sJtpKJ8Enf1hv9s45I3phul6aEiEyO5lZbKgqEr48CU-a_Cf-wlilE9QJlPEHKmvIdAuTev5_ykzXzDXIEooASWtxmkBsD-f3MuxAG1Q8dvg7gl22ArjSndYshMsaeLLn_rHp2W1ysXIYv_S8h3xehrhT5K9ErCE3WifzyzjRR6BMn6vjP8kU9hfmVxmedjmyK0WFIz7KabWqneASaWm4pYwAbkHzjTDNGnN5UfUK8jqbOPD4H6He8XjaM-N4Ql5nLs7IZHAtlV6EJz-ZLmSaCxqvPweMVUxydABGcD_1Yqua_MnajtuSuUZ-ZOC5B2HJQPL5y2J33Fm4lGa48hzw5bqr-NMj8zt4OLJiNKv57zsBnIKMvqdt4HxVDyXqhHqammZYALIL9d4MQT-_7_R7KUv1HMjzZlZZWXyACGXwzag4UWh4BVr180hCPGMSvAseuMtuDmBCjqG0xHq791cKKO5VJxAqyPGOuC70NvOXyGaeXG-sqn19FmykVUE7ZhMGiTIgs1T0H5ZvMyyeSjJ1VcczvNVA-CrIjOKd8ldmXIuk6q6khMh9l1-IOaeOq2lV0FDduZH4tIHN0MMsvk9ndoDfk0Ec8hHMrMoYtoqi0fvsOHDSRYg6T4PHgyRAMwU4mdH3EhSH64RfowNwrytNe_UNf0Oe3pRqj76J3njTCWd_cFzG-wo_2xJAtqqkB49QNenJew6_m_qBfOJiP0Z2zWFIqq0Fpn3RxWpirQZKB3tZNI5nnLgHwk2KYNKTmSTN3sriUJRVvtCXsIzFf7XOnK3qTZ8eJzB2kkF-WGILr_obe2JIkOIyw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3B2 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuZCI_O3eZLTlNoqI-gaNuLVgAAAAADgB4AQC&bg=!KCulK3_NAAZGPLJIZjw7ADkAdvg8Wue56KuIVY8GIbtYHgUXp9sfMFomu38RpoPIOrZsdjTxsgW5OArwPlMu6pOKVqq3Hz-3n-ACAAACJFIAAAAFaAEHCgBYxo096UFWTIKdfOpM3GJUSkeLzs_iJMm-ucW6t1zbaOZsejjH4UrHv1F3VvqB8GkMmjLcI35Sc_KjiAc2BGjPxkmClwCXbgshwoJKjfeKvYG6C0bJVZccgJkDDuaaD3xYPGFcWdvxIJgG5VP5EdfVFosoIyoqfUj-CHW0Xm-80_cL77aElYWIT4NuXhWdRR7_z2x5KJUDBwwvSnYrtoIPmLDzjB6aAt64uArryY6rAp8Pk4uZwmDLd0z7iLnehW_c8W7jKdYzpdHYTCR_Pp31U0UfmpeofKjeH3giJxL1CBwC2FLInRZ_mpeXnog6Etq6m3pFctfsDJtHKmzPoppfF1xLQBN4PwDadYtzqQg9wwqsTsleaYGSKkdc_M_9QTyhFnxQeQI4IZa7hq8aZwk-vFz4f914xyTPpE5NSbwGK_rm16p4Aj5aZ0Yw0WDPOBPF2rb0_LlKz6g9ZvYihBNqAP-EAp7JpjsudT8tgVe14PV1VhHAzCpCZbcEs-u2HCaa4l_-vWnyicvz4P3XmYg_Fvy-c75rhtep6Texxz4fzSTeFujiMOMYwaBQnRSRXXpkkXsgcnGwc0-kWTYGiOo6GfpUS9OC19pMAoqRBxynTo7pcyCoGDMkjZnSiwSphvdTO5YZqGZvbUfVTOSRvPZjU_G0kiZyCzsuCEXZWNYvrHIcX5qaNAImQe1-Ua4O_ucBuSGYlCUeW2LjwvWb7r1p5NmV26jzzi8E1UIdqSrmkUOMoIPiXxYPxM4Mcu1y0ViI2GnS823g32YxNIKGOZS8TA7e8XduHzckZjaHHIOZbyk2bOJQ5CHKdbLbZ4S9YGEuN9cWp9cHOn6n1MS861xp3RZJqmtjG2qQ8QuLKIjftmbmPKgD_xrQEe46xzT3i5DMbpKwGKjK_Tk3A0fDiywvPYtg35ljxo_pEmoqWowmF2vWP8O8yB-0DJ9PxzlxJcx_FLZp2FjarpJkIl-o9XAhfkYCaEuKzuA7Iad4SZEGOhKR2cIFVXrDhlZzJfJxchhsy0F6myPAfDG1AThqkyXGNnaj1-XNHKWoG3fYXoGCXQn1CUFpdeaG5GfzdwJmfPJtzC7NeCVtsuqZV6G8F1SXm9jCU9g6cBnnqnCqg0LrA57SYs5GCqmS9mbAhLGBLd-uPlef9Gwk5aEo

Requested by

Host: ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
URL: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E683 0
0 41ms
40ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=117602319255164&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 370B 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Aug 2024 03:37:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C19C 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6ctD_O3eZK-4ON2I9u8PyvaH6A8AAAAAOAHgBAI&bg=!y8ilyJzNAAZGPLJIZjw7ADkAdvg8WvzKl_7_Wov1hJY_OcPnKD5lZJJVf976d5-BAzLgC_iPJmqc5w43OJ04w_oRv4zOw22DpyMCAAABs1IAAAAGaAEHCgAdkLzTigihYfeItkK46qOnjxR1Bakx8M5fshBQqf6ZAwVlpsRIglmRIQfq_R91lLdnKr_7LlBWfbdrSLKTA47ox2FUjtTI9neXUZIDnsNcnTkcjTyztJLaQLYH8yha1l1uRlGVJOU0psCvJfJ1GYGbWC6AE-gOd_0o3vxZGCwakhdOygB6mYfxFZHaPN7du6IzdFnGN6y3KMlZyvDJLSbID3hD4yUfPeTUyZCWlYgJK0XJ5igF-VgJgVR_ZxIMQeoAWLm7kG4FlEth2zKe65GeHUY5sYY4g7f_awB2S_sqeeXY5NB3xp3Hxe7JZba2IrSvvRhacu925p2Il4d180AiarMQZasJsjg47BpuCqRJOOir8K2lsZ_KADmGrQQTzAdpstn8dTe1AA9sb88FSB0kpVUw6JCI5bqi2Jko4zocRV-ZM-CSsx_rWPFVDnlgzq6fpabYOHq-7Xa_qQqN1WXx4WmEAt2GGJfQKiEVQDHlWEtqHQYlyPL0Kt9WNZT_hrjBCggYKejjanLZKTywWDeOHb5BPMJkr5qvO30PVs33YLHOb_vxvez5USuS6Gu3K6kK5K53BFHBw6ywFosPcU5ApQZk7gdVu_JC2R5BiiPJ1oJDnnSKAw4TwOr50kXTrJ4SfrpejBFYPSiZ1--lo6EHKg5tvNsoUbKRS6LBpaREon5XXH31zSVkBxUJBOHILJKxXwaKPcG_XQkhDGxHG2LehAcr227or-Vk5oR1dyj-qN0UdZyfRbRyXAW3E_ZH7qVYMnA-cv6p5iKMckC0ZmnmnEzFnbX2_YS-hRJQBsJ9uKm7JmxQN2KMDnt4iGmRYQgIpmxtsH6wdrx3HhUJKowHJo_QT_kG7GsfqQDG3DMMHR36CEfZrhwrVli28aToHjEb6E3V4Ba05r22HdRqOcEOWfcoUgjcqzzn9aoUeJRtPOoQWFj-jwuM7X5xSuEfUmQWQG2m_Ue6jHB-weTCBPKDUoH5XN5W1e3SlcKl9irsYv7iuEMi1FY-lUm_pP3GOwRogbJ70KpeSTVfAm8ehY1Cx4dSycfQ7RGluNnUsQ6ksrScyVZvVw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B15F 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsva29Sg3pPgcEZQpxmODOJdXwfZiyYvtzcfiwIkcCE0cx9--wLNKQwier1I7dlPBbQLKgk1lljbuSLVlHUcdG_e8yEEk5-zeZJfaaYyCgl6hyO_4fWt1X_twSDvayQE1cN06zTenAmamrNj&sai=AMfl-YTbo8hEGHe53gK72_0WAFM7yfhesEZshn-YkUec0-SoAB-ESTtzssNEG4t-mq_aO6_DDXx1YzWO-2PnyOqVS_5Fjd8YOxOtduQ6hwdGWP1sjVo1NuAaXnpfw8w2eoXSMV8wCbVy8-JbwGxmcA&sig=Cg0ArKJSzAmwo6HhTyuQEAE&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&id=lidar2&mcvt=1013&p=0,0,90,728&mtos=420,1013,1013,1013,1013&tos=420,593,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1309157062&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692331516600&rpt=393&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 370B 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jaIWcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:05:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8F3 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwE6p0Sha337YiwYjWPjombwANN6NP8Vds2BzTbTtA5k6bRba8XNUsQIyv5qA4C4cwR7ghjKeMVOQ3UwKiU0yWSMC-rhDDI5sl9UIlXB1RA9VbnT8PX2gKRqHoqqVsis3ge6BvazFcGQgF&sai=AMfl-YTAmKP-YPr0QxuFIgB3L_I_Tu2xHsuvI8VQj_RjvQ7dQZGR2mGwe0XcYV-NSYBPP134lD-Bt0LApyQTLrQMANXCgKOe7WkiJuqUpmE9y99MCBh6jSOoGD56hrHtmlO_W2q05AXnk6xJttpvOw&sig=Cg0ArKJSzCSN6_ZscePTEAE&cid=CAQSTABpAlJWKCDInKTzUQNl5lV_xbgqUm1JKwHwlSIlZ1udo5tgGNyXr0OK81GJ601KLNRL4zHbkxanEoZ4In_NJJmeXO1kXfbjFJcPbJoYAQ&id=lidar2&mcvt=1001&p=539,278,789,578&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2763825005&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692331516482&rpt=565&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4405 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8384167742134&version=m202307240101&ct=76&x=1&cor=1149130399373311000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B15F 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6768757827329&version=m202307240101&ct=76&x=1&cor=7859409463556102000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B7F5 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4731834790829&version=m202307240101&ct=76&x=1&cor=12638222213369367000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8F3 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9817522743924&version=m202307240101&ct=76&x=1&cor=16472897085382877000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=117602319255164&bg=!ra6lrvrNAAZGPLJIZjw7ADkAdvg8WjMMh9Z64J2g3jFZzP0rPw5xo4RuOiVnmB_maKhc2_deeriNEdUuHVVIkeFrjcpVF0HgzB0CAAAARVIAAAAEaAEHmQLBxXreOC64pCwY0z2xo3sbpePN1_y-X5j2tmQrs4h3XflePtvRifiTX1Yy9EmeflRt8lSbO4xZKIos3-cuu-Chc6vBgdV9hVfbH20ffxZrESVGa1lVJ0d4YmDWbb__9NaE0-3l-p5Ylv5V9cMkRLOkTw30sv8TiY3o4MY0Bf_rmv_wCQz-8XHMrRkdkGNoPgN6y1q3v_lV_Fls8hkyAvTpu_tx8FzM-TG4G2rEFB_bVjnhJdHUmxRpEKAafkDwzne6QRnhsNSjEKBfUj8vSpaAnprfZCKk4ZCN9ha7XI2yat9ksBSxzxxZc59UbHOaCr-X5N4cBlMoifF_8-xDLGNnEy956arpfar2OF7RPLdIB2tk-zQ1hCuEvLFf2pLbpVhj6Qmco9HsjuPJZOMPX9192AJoySgDGnzEZpyt1OWdYR4grka3n5Qyj4Ff9Jiw3OqzvNOrsZ0KOsDKifs0bNFfA-QZfa4uQYZBvyMSX9sQNNi385fljL3mDRDjOkezZO8XkF3RoCDtku7In7wJlrjYaawSm2fZBRnwdD74rA4pS2Znw6r4oFlqMJmPRHsPGJr0uLvgsOP8aujg91dtwmS5LdSYxXztPfFuxrad0Mi8EgttI-stRTsHXkzAOg19dJH3VzmxQiGpwtV5Lzkd9mRG-9TB2ZUDoj1v99dy6KsyVXh5gh7QxnFlmpMhOvWk2tHSvF2q5_iCWLRqx3zxqmJo4kAUEj-66ZY1WvveKe4JaDvY9d9q-A1_JH_aMzPbYUXeoaQpPTzy4G_C_O5ubooJjy-k8J9PcZ_KzJCerTE3Ub6srPvo_C47MxeaAWRLxQcom7VhUL9l9knMexxqP5DVY24QPNLv9rNVPqMqTszhJegQWLtGCLB71Vdt0FzoCCa-Nl1IbjFZznsh0GsJbcO6xlzenR65KLVQnHiZLr3Cu_0n
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A557 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3325702095448&version=m202307240101&ct=77&x=1&cor=3779378467800955400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7688 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4121644562631&version=m202307240101&ct=77&x=1&cor=3521504422493596700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7E2 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4032840779210&version=m202307240101&ct=77&x=1&cor=841462217446813000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 04:05:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 5 KB
3 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 d39bc38b8e1b6d2ecf4f73f6f40ab434.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 1B8F 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/d39bc38b8e1b6d2ecf4f73f6f40ab434.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3654
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/7073955107534177015/fonts/ Frame 1B8F 172 KB
75 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:38 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 5 KB
3 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:33 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/7073955107534177015/fonts/ Frame 05EC 172 KB
75 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:38 GMT

GET
H3 200 d39bc38b8e1b6d2ecf4f73f6f40ab434.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 05EC 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7073955107534177015/media/d39bc38b8e1b6d2ecf4f73f6f40ab434.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:09:34 GMT
x-content-type-options: nosniff
age: 60947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3654
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:46:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:09:34 GMT

GET
H3 200 18e69e740fc2e818b3a337f11496090b.png
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 13 KB
13 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/18e69e740fc2e818b3a337f11496090b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb9055d4402fa3bac664d6bc6eed253ecadbecd5a618ed1d1b23bf08a7571bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:05:02 GMT
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13192
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:05:02 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/6493879008008578228/media/ Frame 9571 5 KB
3 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/media/6d7052ff6df13eae564657f4b45cc79a.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:04:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:04:58 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/6493879008008578228/fonts/ Frame 9571 172 KB
75 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6493879008008578228/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6493879008008578228/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61219
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:05:02 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 5 KB
3 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/6d7052ff6df13eae564657f4b45cc79a.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

GET
H3 200 2f746b2da0a7141497458aa87c51cb26.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 11 KB
11 KB 10ms
9ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/2f746b2da0a7141497458aa87c51cb26.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60e4d178cce4a76b62f9d8fe57b4216cc29e78e0b11ee891f029b71a03666094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:09 GMT
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:09 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/12691273737138261013/fonts/ Frame 5620 172 KB
75 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61452
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:09 GMT

GET
H3 200 f96b1a490dda2f2b2367b9a0eb7a4039.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 5620 7 KB
7 KB 8ms
6ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12691273737138261013/media/f96b1a490dda2f2b2367b9a0eb7a4039.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14045b1e42485d4b7ab414732eef9cb5e242d6e348047317a6b0855bc5d07bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 11:01:05 GMT
x-content-type-options: nosniff
age: 61456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6924
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 08:45:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 11:01:05 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a2zapk.io/	1970-01-20 23:41:31	Name: _ga_SS5VJ1BTPE Value: GS1.1.1692331515.1.0.1692331515.0.0.0
.a2zapk.io/	1970-01-20 23:41:31	Name: _ga Value: GA1.1.1085837916.1692331516
.a2zapk.io/	1970-01-20 22:51:07	Name: cf_clearance Value: MeTrLA9tMOmWdIoLiQ1dxYp36qyaydqmkMqSY5u7PpA-1692331515-0-1-86a5b163.868ae36f.d1a4ee83-0.2.1692331515
.a2zapk.io/	1970-01-20 23:27:07	Name: __gads Value: ID=c4379f39ce10f5b5:T=1692331516:RT=1692331516:S=ALNI_Mbc6NpLg3wC1fKAepsFt43TqAceKA
.a2zapk.io/	1970-01-20 23:27:07	Name: __gpi Value: UID=00000c6223729bed:T=1692331516:RT=1692331516:S=ALNI_MYnl1dLO7KH0wN_9k5BE0SdFoWAGA
.casalemedia.com/	1970-01-20 22:51:07	Name: CMID Value: ZN7t-NhJDqbxJC3DadWK0gAA
.casalemedia.com/	1970-01-20 16:15:07	Name: CMPS Value: 2187
.casalemedia.com/	1970-01-20 16:15:07	Name: CMPRO Value: 2187
.adnxs.com/	1970-01-20 16:15:07	Name: uuid2 Value: 8187655002082417196
.doubleclick.net/	1970-01-20 23:27:07	Name: IDE Value: AHWqTUkaUQmmuJ9219Vu-Llu4wk68cf1E9gcQ3gyMUSx77dyfGcW1xGKCwhfZY8C
.adnxs.com/	1970-01-20 16:15:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il`vyMI_!]tbPl1M>e)ZlrFUfJ+tGXxoaWzL1HYs?1ScO^+:c=>Y/<pHXPb#owrcV+5x3If)y3KL9D3I?-5YHUz5
.doubleclick.net/	1970-01-20 18:24:43	Name: APC Value: AfxxVi4Mmp0qYPhYCfiNnyzzfpy0TR__0iOf4KWQb0-PBZfaI5fHSA
.redintelligence.net/	1970-01-20 16:15:07	Name: 8lcfmzhxc8d6_uid Value: f9ffb2fae4559663

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://srtb.msn.com/auction Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a2zapk.com
a2zapk.disqus.com
a2zapk.io
ad.doubleclick.net
adservice.google.com
ajax.googleapis.com
cdn.contentspread.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
ee82a17730a2413ed2221b0e8eb8e0e4.safeframe.googlesyndication.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900024.redintelligence.net
hal900028.redintelligence.net
hal900030.redintelligence.net
ib.adnxs.com
pagead2.googlesyndication.com
play-lh.googleusercontent.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
srtb.msn.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
136.243.149.243
138.201.63.165
138.201.84.252
142.250.186.130
142.250.186.162
172.217.16.198
172.217.23.102
185.80.39.216
185.89.211.12
199.232.192.134
2001:4860:4802:32::36
204.79.197.203
2606:4700:20::ac43:4b79
2606:4700:3035::ac43:8d79
2606:4700::6810:3865
2606:4700::6811:190e
2a00:1450:4001:800::2006
2a00:1450:4001:803::2016
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
85.114.131.233
88.99.165.19
022a5e7f09721e9daeb038d0573f46a3acafdfd8dc6109904ecdf450f85d9547
03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6
059af83c697d94f1234ab0142c52ace71912799f50d435c3a973c914fa0fa281
061dd6591dde25591931dc9470fd0bc3b63f4bf0ed8696af047f5a020c50c542
064c351cf64ddd4ac7120ad7398a6d53d5d6d28b8ab57e3926459f2fad3f9da3
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
098ae1e1a8e076a07d6eb36650c63679ed40a26637839c123288b88128e01f66
09bd45fe01671fdad5a4001b58da114cc4fbcb80280268ff6ff3c2a55fc4b0cc
09ee3a9ec1bb979ad643c44d4f4f66db3b59f63ab033efa6f47963f408ae9420
0a43e8215d7623c9aa0e1420eb35cc952a92d9784af1111e668ee5c79e4f4e3d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf9cd1267e65f4b946d11e5147ea5322fa5a1f99581f64a5d57b52e551073dd
0d06c9325c6d891f705aa524747c63186f34930d0b89738cebfa18aaa32b413b
0e084babd4353d34bffd625f8d3940438615ae5cb342b908f3717ca2e23e3d10
0fb6826010e7c2cd49aaa4d145b99763f6c5aca921a7ebbcd45b350f6ea0fa10
10c7d137c8d802161e880da81e30b751f9e338e9d4fb8bbd24419ddf1f656fd1
11a2e2c02f8299b791c0aa1f850fdaeeb48ddc9e6974f6c55a281b55ae46a0d5
11b8b4fb9f9509a15bcc1aae9d7bc3df6c99df550ecc3ec7a3fc1e5b83a1acd2
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
121d26ded0e138ec0552d7298fb338c40b0b467a50448b2bcbb9121cc1cdb0a0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14045b1e42485d4b7ab414732eef9cb5e242d6e348047317a6b0855bc5d07bd6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1809c31a2f8cc12dd01d8adb7a6467d00044769d7d62a0565c726cb48889955b
1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39
196114f36b6a99e2eb4c071504ce5b267d485c6252b09ede4e776195becaaec2
1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c
1e6497cbd2dcc1e87853df3e0df5f5802cd60c3ba89c5ae79824e18a15659ba4
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
23a31e5de65c32f33a5fc62d890de75b4793686fd883696dcb0da15ebd456131
2469a12844df2786fd75e6fcc5bca7093c8b01d7585bd4ca6376b2b2a2500bd4
25a09c44ecdf00f1c9e110084125735ce49e1e3ee9e631a9af960756d8a85a94
26d109dc8c72f6364a4ca1d488adc24a54db5a28074afebbe677d608b7e9976e
26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb
272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc
27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4
2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9
2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
336451140780463825a9afcfefdc4e6e29278c430adf290c991a93b7f40bd48e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34b6fe92215687cbed1be732be428ee1b0e4b4a6af5ddb106b8857aadf6bbbab
40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d
41d2b9e4024405dbcba3d806a1cb5f2bdcc5882d59b8ac60023b7bcb2a9e0a8a
4379a58fae27fa220743ee7deaae24348756e9533f33b5f68b65b078bc004d11
43c25479fb19fcee766eb4b4324ae44f24ce530b983299e51bfa40acc68ae5a2
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474de49452f0af955929f1a648c110716bdcf8818545d631ada6db1fa0b7a7cb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4cd915d53edc08548146cfba94b7f759610235ea0d364e9d835023e4f9c2a19b
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a1bd531b87bf322748dbde57c9023eb9bea95bed15c35c3e06fa130443aa69
5285269c35d1500dcbd2686eb455790d6133945217bcd22ebaa42b5c30ff5e9a
52c9cce79e8b2492b54a2e15d690b83ed90889fc04097321e041ccebe47d004f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d
57bb12e0be7d9f8b609ca29da52321717febd067a55c9533d248b29ae9007a7d
5826144799f647b4f1074a120ca360fbc54b415d6303548debc5b3d6f9626f5e
5cdb2c5396bb0a74a7f4c38a37e0330c9ff64349dafca6a8a4ad27842d3623fc
5e7128eb745beeb6c800cafadeac31b112d017d0ff67b5536a2316d4e3781b7d
5ff4dc66fd6532e1fad835ddd8dd2d5bd85bf16c8446917b35cba94f9ba3fdf7
60e4d178cce4a76b62f9d8fe57b4216cc29e78e0b11ee891f029b71a03666094
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
703912524593a505b4b2e4380556ad8eb04f5bf22b2c57474f57e1928d473fac
7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
78ee5a5b37a1565a279ca4eb5fca67b8433c71d2977e5f0588dc6f8778629092
7c67dc1e9ecce0d3757d97792fd606effaa6fe799ebe7423aff81e26e07900a1
7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab
7dd0461220c3fe1a0946011521aa8e2160e59b4248f069b31552e15943c5478c
7f66644120c585bde10c2f1f1a08c67b198d772267d1e40c0f291b39e830f86b
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e
8529e3fffa55b646cc22871b0910591c79802c193c45a2e6c191a7830b118787
8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7
856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37
8f065413821906c08494a9ee618b18645e3a596b3c4b4c88f9589b94ee76b4a4
996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8
9a81b5c5dba045ac530bee37ef7d1e562a6c0a6f34db17e06a1c2fb494132260
9ed4919d8289e7eef10aa9eac027a166480a0dec03cadd53a9500ddb4d1df101
9f560d70a83b256d7af9d99049284d7a1c1bbe06af13eb0a9cac5b86580a4645
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b
a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153
a71cb45d021e8ebb5002ef6b1d6225685de15cfc2c874c5cbc41e89282389c2a
a946d6c05507146c08263b30ac32a801fa29da4c822ecee750a9ef321fa8dafe
aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7
ad0924e0461fa8f01d5588d37fae87c6e645449e70e6c7cfbc399e5c5faeabdc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b236703213487637a1eb830dd2ecb4debd01c53e5521dd1c0c1f808f7d2ba4e6
b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a
b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370
b78f9af2b63768474e2dff1a73b9ad3a7a31b158cc7395afc55f86725e75a150
b937f009c5bc3f1066b51b73189ed939a054f883211fab460008ac8080d5aa17
b98ed8acb7c128aef357317a0d401ab9c18cbc05366e791c9b968e156c882e83
b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec
bb9055d4402fa3bac664d6bc6eed253ecadbecd5a618ed1d1b23bf08a7571bc8
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f
c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
d14655909420f9ebf6ead0163a23930907885e2d7392b00d5897a7b85799c89a
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d3e7c9d1d732fe534c60742d3cea93253de6f365a244b1e76628cb9ef7b4e49c
dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6
dd02b5306f49bc23613dd599506bab5a73a3f1cefb1cdfa8c08f91cb88fb427a
dd6d8c66459f7e8833acec381118440961ddd6c8f1aa8ca79a39aab3408bd3d3
de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913
e37817763c084e0af5a14e4a4025b49862effe93608b0fd1644103beb518f68d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68ab091dcaac5da2cf84298622805b8a9a002137b779a0416c8358ceaded22d
e82be3fc67946ffb05d1254d420a2b4233822b0f773409264c74bdbb1289ea4b
eaaf7638b59a07a0404e97b077b179525fc9b4a0f2d5c9f397b6727bb6244c17
eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a
eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a
f23d7f84662c43e898bfbed6b3e6f633250b48e83ed7ebb1e88c8416f53d63c4
f2c6f9be096ca5105c72777c4ec0b0f66ca647ab684df53dda841f31a64884b2
f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64
f63d19b9a342ae543d008110fb42dad5eff8dc1166623e855b1495adeaf06d86
f86099660b15c636252f4433967ef961ee95f2b2cf4468f466b9c9b858602eb8
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed
fc95001c73188c9ebec45e6a66bc369f6b78cf75d3234641a7222b4b2066f0ae
ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a

a2zapk.io Open in urlscan Pro 2606:4700:20::ac43:4b79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

326 Requests

90 %HTTPS

57 %IPv6

19 Domains

31 Subdomains

30 IPs

3 Countries

3311 kBTransfer

8018 kBSize

13 Cookies

13 Outgoing links

Page URL History

Redirected requests

326 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

a2zapk.io Open in urlscan Pro
2606:4700:20::ac43:4b79 Public Scan

Screenshot
Live screenshot

Full Image

326
Requests

90 %
HTTPS

57 %
IPv6

19
Domains

31
Subdomains

30
IPs

3
Countries

3311 kB
Transfer

8018 kB
Size

13
Cookies

326 HTTP transactions
8 data transactions