welovewolves.club Open in urlscan Pro
2400:52e0:1e00::1081:1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://welovewolves.club/?bypass-cdn=1
Submission: On December 11 via api (December 11th 2023, 10:03:28 pm UTC) from US — Scanned from DE

Summary HTTP 204 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 42 IPs in 9 countries across 31 domains to perform 204 HTTP transactions. The main IP is 2400:52e0:1e00::1081:1, located in Germany and belongs to BUNNYCDN, SI. The main domain is welovewolves.club.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.

This is the only time welovewolves.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
7 12	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	213.239.199.234 213.239.199.234	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1720	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	35.157.253.10 35.157.253.10	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2.19.244.218 2.19.244.218	16625 (AKAMAI-AS) (AKAMAI-AS)
13	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a393	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	95.217.106.24 95.217.106.24	24940 (HETZNER-AS) (HETZNER-AS)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1 2	2.23.68.89 2.23.68.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:440... 2606:4700:4400::ac40:9b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
204	42

25 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

welovewolves.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.239.199.234 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213-239-199-234.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.253.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-253-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.244.218 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-218.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.229.233.6 (Brigham City, United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:1b::1724:a393 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.217.106.24 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.106.217.95.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.68.89 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-68-89.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b32 (United States)

ASN13335 (CLOUDFLARENET, US)

pvx.freenet-mobilfunk.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	1 MB
37	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	261 KB
25	welovewolves.club welovewolves.club	1 MB
18	revjet.com ads.revjet.com — Cisco Umbrella Rank: 6785 cdn.revjet.com — Cisco Umbrella Rank: 6853 pix.revjet.com — Cisco Umbrella Rank: 5801	765 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	227 KB
9	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229 cdn.adnxs.com — Cisco Umbrella Rank: 1605 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997	32 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	81 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 60	13 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	319 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	228 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 13930	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563 static-de.ad4mat.net — Cisco Umbrella Rank: 192580	1012 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 780	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	598 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	98 B
1	freenet-mobilfunk.de pvx.freenet-mobilfunk.de — Cisco Umbrella Rank: 305483	1020 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	327 B
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	32 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	50 KB
204	31

	Domain	Requested by
30	pagead2.googlesyndication.com	welovewolves.club pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
26	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net welovewolves.club
25	welovewolves.club	welovewolves.club
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com welovewolves.club googleads.g.doubleclick.net
13	cdn.revjet.com	ads.revjet.com srcdoc
12	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	www.bing.com	2 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	welovewolves.club googleads.g.doubleclick.net
5	www.google.com	1 redirects welovewolves.club tpc.googlesyndication.com googleads.g.doubleclick.net
4	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	ib.adnxs.com	googleads.g.doubleclick.net
3	pix.revjet.com	srcdoc googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	welovewolves.club googleads.g.doubleclick.net
3	www.googletagmanager.com	welovewolves.club www.googletagmanager.com
2	www.awin1.com	1 redirects as.ad4m.at
2	dis.criteo.com	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	ads.revjet.com	googleads.g.doubleclick.net ads.revjet.com
2	ad.doubleclick.net	googleads.g.doubleclick.net srcdoc
2	www.google.de	welovewolves.club
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ads.travelaudience.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	pvx.freenet-mobilfunk.de	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	cdn.adnxs.com	googleads.g.doubleclick.net
1	adsdk.microsoft.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	welovewolves.club
1	s0.2mdn.net	googleads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
204	47

This site contains links to these domains. Also see Links.

Domain
store.welovewolves.club
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
welovewolves.club R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://welovewolves.club/?bypass-cdn=1
Frame ID: AEC6AA213B5395D72A1A65B137D336F7
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup.html
Frame ID: 65F76F0A39C2C75069D5198AC0685172
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&adk=1812271804&adf=3025194257&lmt=1702332204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332204090&bpp=7&bdt=332&idt=221&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5599824519156&frm=20&pv=2&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: 4EC396E3067A88083806FA7CCC8F5C07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=2293688473&adf=1133003084&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702332204&rafmt=1&to=qs&pwprc=2144566648&format=1200x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332204097&bpp=1&bdt=339&idt=240&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=242
Frame ID: F80D29446EC089F790593A6A05EA6C47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Frame ID: 60851A856C93AA88647B3A19F12C350F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Frame ID: B0D40042F05CBC3F26FDAFC2A95E60A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F430F67B7B9F41BE942EE1F808741EC4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4ECA321C12385ED647B20499D750B889
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Frame ID: B73D2C964C12E95766085D7403D5D433
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 67FB448AA1B2423DAF0FF9F8CCFFCEAC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3CCD0F803C807AD1D8978F00E8A70848
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Frame ID: B81A0352592DF09E6B89881A81A02758
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJbH7PgBMAE&v=APEucNXyzbqYY2DE93Uj0sTwsgaNHJbciAXw8ut0qVXLHcs8ibZyEhsGUwUBOVDhUgYh-8SXsbgXARnp4LaehUQQ2dy8SL-emy94h2YQfxFdDc4z88HRjGrtyp12EHD2XoGlZih_B6OyXSUoXmAIFI9QuJWWCYpb7Z6ab6uVrrrkzD9YD8GoakU
Frame ID: DB7CB1F8D239BDB4DDEE66751DF5D5B9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Frame ID: C1F4DAA94426B75BDAB2902DB7EC417D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A77608A18C651244FBC6BB824A5D26AB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXvupZmgD7KhNDkmIihuVaSRleDWOCh6JHawwbaSwMHIXjwo6lIMVhcEi3bpGpYpc7BgkzdJyBKaosowxTCpvp74-Xq0AG3wGcmvliybceX6D5M14DJmaKLaR-A24L5n0dW6uLbHQ95Z1m9PbEWKGxpC9ZZLo5yRqgtbjXIO286ybLuIgc
Frame ID: 7D9109EDFA6AACC92EB7AC4BAFB98A0C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8643E7FA60E369AADC0A351C69B3FC9F
Requests: 17 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BCED4B020BDDE56D0E0C0F6F2992B106
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AA6D9E44FF448DF8D0E6322D800E58E1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F3C543726ECB2556622EB839A4C4DE68
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F6949A327825F8F37AA756D8FF907FCD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jtsk8pb6qmn8x6mx9j7ds5t3zyjgdapmnqaypwzg84whdp29qk1rdvmfxvyjg9wbdve3n1jbcwptk5wpqk66rceh254pnja8jdgdvsnyvnasttpxy8r9r0fmqh28jfecsxwtg5vwdcr4x34gd54dkd7zn8zt1zgbess0kyx8s48bh2m6rkvgd2smdnvd7sv97g8a4a8tj82dq7rdqh9rcxbawmkyteyfztfhzr6bbrcdema8k21tpvfajxkf9z94xb0m9wepv69a5h2vw97tjrazcqc4fsgghshdwnz75y4sbdsnkphzaz7j5trfpm7fcw1pcayhznnh7c1xvvemma6nmazfbcxj5b2qv6gqk876zf5h05f7yaxmn8g3ervhm7xn13k497y4qypf5099zwnppg093ex08ycrevtzzgsqz5534&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%26client%3Dca-pub-1870775526215126%26adurl%3D
Frame ID: 7925A5215A594878FEB34632C5603AB5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js
Frame ID: 85CD0CDB4278372C61BD30E57FCF1832
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8AEF2C511E46C764FE080D9B8A188FD8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6BEE0ADC7DEB98D75EEF23EC34C3FDA2
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 2494089A1CEAC6C0C9EA955955681DF9
Requests: 15 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Frame ID: 11D2274A15754D2897F0DE0F67DEA080
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: FC5B90F7218E5425DE2F339759770BF4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Frame ID: 16BFC09C94C3E2BBE91FC1E1D737B4E3
Requests: 15 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Frame ID: F509F4826D8C73920A7F2477C69CF247
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5EDAB861EDBA647BAFF91158403865F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We Love Wolves Blog – We Love WolvesSearchFacebookTwitterInstagramYouTubeToggle MenuContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueContinueNextFacebookTwitterInstagramYouTubeToggle Menu CloseSearch

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

204
Requests

93 %
HTTPS

53 %
IPv6

31
Domains

47
Subdomains

42
IPs

9
Countries

4979 kB
Transfer

8319 kB
Size

28
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://store.welovewolves.club/
Title: Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/welovewolvespage/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/welovewolves
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/welovewolvesinsta/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC3vXoAa8jPHi86yz6NBF_bQ
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGCzR_CBJDOZoNF-XiBqcQg&google_cver=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXeHLU06BrSIxhOCmm667QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXeHLSDUVcVy34E9zAv9GwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDkPaIxm7Yfti82GFXk8gpw&google_cver=1&google_push=AXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDkPaIxm7Yfti82GFXk8gpw&google_cver=1&google_push=AXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 128

https://um.simpli.fi/gp_match?google_gid=CAESEGcTmbienpuJpNJgEjwYcf4&google_cver=1&google_push=AXcoOmTmA5iKWaJ1LOaBhly1y0dS4RfewwuxjdCz_cRcO3e90Btjzgpn7bR3ciZKfC8yTIR3xUuWhkTPOOrI01uIDzMHcaPIXqgxrpY8Kfex9bazJ-ifPILiVSCsRRfbFu3Plh5Np9_ei_AerkqTuqwwVQg8_w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmTmA5iKWaJ1LOaBhly1y0dS4RfewwuxjdCz_cRcO3e90Btjzgpn7bR3ciZKfC8yTIR3xUuWhkTPOOrI01uIDzMHcaPIXqgxrpY8Kfex9bazJ-ifPILiVSCsRRfbFu3Plh5Np9_ei_AerkqTuqwwVQg8_w

Request Chain 154

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=762b3ac5-e219-4869-9045-5dac0d1fd7da&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=13132c1a-06e0-45c3-82db-07545b9a142c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%2824-0%29%3F%26RG%3D48874735429f45ca919e37b6d0aa6510%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp_i1&aid=889852586169166328&wp= HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(24-0)?&RG=48874735429f45ca919e37b6d0aa6510&SNR=1&GV=2&med=10

Request Chain 180

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRGoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702332206_1c072226-9871-11ee-a9f2-22382f104756

Request Chain 184

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJnhu4LVRGKzC68L-KhfPBY&google_cver=1&google_push=AXcoOmSEFPEhY_7c34IyRtZhARyk1PWEHPFNO7zrB2x8FNCPhIzWjTTby_XCh1o32-fttRVDV-3-tT4KKpInyjTN5Doj_oVga5RdmbTCcJUdKMmz-Az7oqzFGWrTuk60GaXH8TKCFxSAPexRdR1HEWWqFEa8960 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyOTg1MTE3ODM4OTAxMjI0Mg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJnhu4LVRGKzC68L-KhfPBY&google_cver=1

Request Chain 186

https://um.simpli.fi/gp_match?google_gid=CAESEHV_PQUrv_Sk6CmIAc1eLfM&google_cver=1&google_push=AXcoOmS4tdk8SVJ-BwD_d-52LqjX8nas4b4FKd0hWK-5PgohMmCijGK7UDokOdNGypr3RF7u6Fggg7ROrI0o8T2cud20P3p6XWnA8swnCTBRWK95AJqAJSo7RcISZ1tnKBmT9gr9yWsh5_GE9hObobL1fiN2aZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmS4tdk8SVJ-BwD_d-52LqjX8nas4b4FKd0hWK-5PgohMmCijGK7UDokOdNGypr3RF7u6Fggg7ROrI0o8T2cud20P3p6XWnA8swnCTBRWK95AJqAJSo7RcISZ1tnKBmT9gr9yWsh5_GE9hObobL1fiN2aZE

Request Chain 189

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEVQb0hwW4ejzNdXhRPZAzo&google_cver=1&google_push=AXcoOmRbU9QDu0mTIlMs7fPUo5bfSNiP83i-Cs_Hr_ms6DKE6icXLH9j6rnkx1jLZGn_Qow7RMlKEBEpDq4Vwmj7N5brF0Li8-Uwe6KSOjqty8pvhsRCEJ2ElPv9l19Rp8SIscOfwHeTCRF3i5UN4x6RgO9eog HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ahzSFCzZStgQvh3t5E3kbA&google_push=AXcoOmRbU9QDu0mTIlMs7fPUo5bfSNiP83i-Cs_Hr_ms6DKE6icXLH9j6rnkx1jLZGn_Qow7RMlKEBEpDq4Vwmj7N5brF0Li8-Uwe6KSOjqty8pvhsRCEJ2ElPv9l19Rp8SIscOfwHeTCRF3i5UN4x6RgO9eog

Request Chain 197

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=762b3ac5-e219-4869-9045-5dac0d1fd7da&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=13132c1a-06e0-45c3-82db-07545b9a142c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D48874735429f45ca919e37b6d0aa6510%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp_i1&aid=889852586169166328&wp= HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=48874735429f45ca919e37b6d0aa6510&tids=1&med=10

204 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
welovewolves.club/ 111 KB
20 KB 1015ms
977ms Document
text/html 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

6f7cbe6a6a0350070440a0c5cc0ac998bf39c62fa63b65ec995a86279a42daa1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cdn-cache: BYPASS
cdn-cachedat: 12/11/2023 22:03:23
cdn-edgestorageid: 1082
cdn-proxyver: 1.04
cdn-pullzone: 1353075
cdn-requestcountrycode: DE
cdn-requestid: 6ce56c583c5345155b9a5f2b9d6d584c
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Dec 2023 22:03:23 GMT
link: <https://welovewolves.club/wp-json/>; rel="https://api.w.org/"
server: BunnyCDN-DE1-1081
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 style.min.css
welovewolves.club/wp-includes/css/dist/block-library/ 93 KB
15 KB 13ms
11ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.4

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 11/02/2023 18:47:11
cdn-pullzone: 1353075
last-modified: Sat, 20 May 2023 14:36:43 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6468dafb-1732d"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 8f6ee2dac956331f1470f92c4359a4b0
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 classic-themes.min.css
welovewolves.club/wp-includes/css/ 217 B
900 B 33ms
32ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 11/02/2023 18:47:11
cdn-pullzone: 1353075
last-modified: Fri, 04 Nov 2022 15:26:53 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63652f3d-d9"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 6481d993f029a83c8270ccd09d1b624b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 styles.css
welovewolves.club/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 8ms
7ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 05:12:16
cdn-pullzone: 1353075
last-modified: Wed, 31 May 2023 14:45:25 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"64775d85-b2b"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 2316476d3b2eca6cc93ebfbb31789998
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 global.min.css
welovewolves.club/wp-content/themes/kadence/assets/css/ 19 KB
6 KB 14ms
14ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 11/02/2023 18:47:11
cdn-pullzone: 1353075
last-modified: Mon, 23 Jan 2023 09:19:23 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63ce511b-4bb7"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: c5fecec7d7d3715a42db7a51caf525c5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 header.min.css
welovewolves.club/wp-content/themes/kadence/assets/css/ 27 KB
6 KB 9ms
8ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 12/08/2023 22:02:11
cdn-pullzone: 1353075
last-modified: Mon, 23 Jan 2023 09:19:23 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63ce511b-6c84"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 1a181892c101731de366e0569dd60c6b
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 content.min.css
welovewolves.club/wp-content/themes/kadence/assets/css/ 32 KB
7 KB 10ms
9ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 11/02/2023 18:47:11
cdn-pullzone: 1353075
last-modified: Mon, 23 Jan 2023 09:19:23 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63ce511b-7fcd"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: afbfa89d7a343a68be6dab1eda377f5e
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 footer.min.css
welovewolves.club/wp-content/themes/kadence/assets/css/ 18 KB
3 KB 11ms
10ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 12/08/2023 22:02:11
cdn-pullzone: 1353075
last-modified: Mon, 23 Jan 2023 09:19:23 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"63ce511b-49c0"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000
cdn-requestid: 568805a24c502f8b96b8781801fddc90
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 47ms
26ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-100410125-1

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6925c37beb5cd101abb3f8c2d87b58915fda304a97ef6ec978eb1ec471c60d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68963
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Dec 2023 22:03:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 184 KB
185 KB 72ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a18847464e3aaf21065e9e7ffce0cf2ec5ac03c9799a6ed0d0463c96d9f9b9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Origin: https://welovewolves.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 188921
x-xss-protection: 0
server: cafe
etag: 426881152232858054
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:03:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 642 B
598 B 35ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

900c064667e28c705ad2be69c21d56ae970546beab96bd721a85a27eea62fb43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 11 Dec 2023 22:03:23 GMT

GET
H2 200 wp-emoji-release.min.js Show response
welovewolves.club/wp-includes/js/ 18 KB
6 KB 12ms
12ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.4

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 12/08/2023 22:02:11
cdn-pullzone: 1353075
last-modified: Thu, 20 Oct 2022 10:58:23 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"635129cf-48b9"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: dc23eb4a6d001c31a128dab2dbc662e2
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RJ1MXGPJPF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100410125-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e99bcf98f47326f9a0b5c74930d797a3d3e3a1491ae4d698d62ccb7e1025c397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81770
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 22:03:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100410125-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 21:22:27 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2456
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Dec 2023 23:22:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
80 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-WB5DRJ2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-100410125-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9849846c7a01fd5f4bfa25977c5b71e9c0cb5c6641ce4ba87f17d883cde4fa82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81753
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 22:03:23 GMT

GET
H2 200 Positive2.png
welovewolves.club/wp-content/uploads/2021/08/ 37 KB
38 KB 9ms
7ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2021/08/Positive2.png

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

93eab9366d31cc71d2a27c14b0b2946e8fdaac0973d6841a4111a241b91a189a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 11/02/2023 18:47:11
cdn-pullzone: 1353075
content-length: 38383
last-modified: Thu, 20 Oct 2022 11:59:19 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "63513817-95ef"
x-frame-options: SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: db96fd5bfe0e2f0a031d52eef36821f3
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2023-10-05-at-7.37.32-AM-768x431.jpg
welovewolves.club/wp-content/uploads/2023/10/ 71 KB
71 KB 10ms
9ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/10/Screen-Shot-2023-10-05-at-7.37.32-AM-768x431.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

eb1c6dfc10537497d3a4a7481eb85b9fca99fb72a39ce04c4b04c2a1561e3cd5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 10/06/2023 07:59:14
cdn-pullzone: 1353075
content-length: 72234
last-modified: Thu, 05 Oct 2023 11:42:04 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "651ea10c-11a2a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 3a04a33bdf5dacf951eada47f4ce2206
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lP.ttf
fonts.gstatic.com/s/karla/v31/ 26 KB
17 KB 40ms
15ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lP.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5366cb9693295f3a5b3139c2019e453ce7b13618768cfd53f534135bfb95d9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://welovewolves.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 18:31:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17145
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 18:31:38 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lP.ttf
fonts.gstatic.com/s/karla/v31/ 26 KB
17 KB 32ms
7ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lP.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51ac6181d4f3f2c537c5761f642158c593b61f0fbb57675ba1340603f148cbdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://welovewolves.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Fri, 08 Dec 2023 23:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17319
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:41:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 23:00:26 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0Uw.ttf
fonts.gstatic.com/s/rubik/v28/ 47 KB
25 KB 34ms
9ms Font
font/ttf 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0Uw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:regular,700%7CRubik:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd824ca47370640d99212636ddd97cbe07c530e398ee7806fef090abbdb8b433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://welovewolves.club
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 05:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25871
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:07:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 05:30:21 GMT

GET
H2 200 Wolves-Trivia-768x432.jpg
welovewolves.club/wp-content/uploads/2023/09/ 51 KB
52 KB 19ms
17ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/09/Wolves-Trivia-768x432.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a7c5e3b9bd5fab03d8efdf7885f4fbd4c2bafdafc35bcaa97291e823d641d270

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/11/2023 21:56:09
cdn-pullzone: 1353075
content-length: 52351
last-modified: Mon, 11 Sep 2023 10:03:26 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64fee5ee-cc7f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 27f3d11790fa7bfd73b0527c6d3753b3
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Alexander-Archipelago-Wolf-Trivia-768x432.jpg
welovewolves.club/wp-content/uploads/2023/09/ 66 KB
67 KB 431ms
429ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/09/Alexander-Archipelago-Wolf-Trivia-768x432.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a2e1e1d8f6d2d84122d848d7db02a324a80b4a40c4c892b3d653ade0a177fd27

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:24 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 12/11/2023 22:03:24
cdn-pullzone: 1353075
content-length: 67992
last-modified: Mon, 11 Sep 2023 11:32:02 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64fefab2-10998"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: MISS
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: f1932f8af96f0715ca4703c93442e9bd
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Eastern-Wolf-Trivia-768x432.jpg
welovewolves.club/wp-content/uploads/2023/09/ 71 KB
72 KB 12ms
10ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/09/Eastern-Wolf-Trivia-768x432.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

b35f4e21f3254008cb06cf756ce16f29a6f30df77c3129ac4ada5dfe46ccd1f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/11/2023 21:56:09
cdn-pullzone: 1353075
content-length: 72842
last-modified: Mon, 11 Sep 2023 11:32:02 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64fefab2-11c8a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 1d6d1a0155f4998dd1f3bf2137103e12
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Arctic-Wolf-Trivia-Game-768x432.jpg
welovewolves.club/wp-content/uploads/2023/09/ 31 KB
31 KB 10ms
9ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/09/Arctic-Wolf-Trivia-Game-768x432.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f13b1f1ccb620c828ce5c2e97a86c492f47b744a6fbf92fa07c34a50eb0d2945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/11/2023 21:56:09
cdn-pullzone: 1353075
content-length: 31399
last-modified: Mon, 11 Sep 2023 11:33:09 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64fefaf5-7aa7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 86fcdcb2953fa24188fcf9bc3be51a27
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Northwestern-Wolf-Trivia-768x432.jpg
welovewolves.club/wp-content/uploads/2023/09/ 56 KB
57 KB 9ms
8ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/09/Northwestern-Wolf-Trivia-768x432.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

33132c478940a5b241e07cdb26d0f28c6cfb17d17c0276cd87ea3863cb2a3dde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/11/2023 21:56:09
cdn-pullzone: 1353075
content-length: 57400
last-modified: Mon, 11 Sep 2023 11:32:02 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64fefab2-e038"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 1da040d1b5737d94721ecdda5a8addd8
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Eurasian-Wolf-Trivia-768x432.jpg
welovewolves.club/wp-content/uploads/2023/09/ 36 KB
37 KB 18ms
16ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/09/Eurasian-Wolf-Trivia-768x432.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

3362ad234c6da8ce5f7db4d53504f1b909c258b2028abdb6709c6a14df627138

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 09/11/2023 21:56:09
cdn-pullzone: 1353075
content-length: 37035
last-modified: Mon, 11 Sep 2023 11:32:02 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64fefab2-90ab"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: e732384ee6c326a496cdcee073864470
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Indian-Wolf-Trivia-768x432.jpg
welovewolves.club/wp-content/uploads/2023/09/ 30 KB
30 KB 17ms
16ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/09/Indian-Wolf-Trivia-768x432.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

48106a711ba6b8469395c27723713c37f2076fbb68e3c6a458f0647bced65c38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 09/11/2023 21:56:09
cdn-pullzone: 1353075
content-length: 30423
last-modified: Mon, 11 Sep 2023 11:32:01 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "64fefab1-76d7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 4a16a83e96ce61fdbcc780bc7f45432a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 14ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1698558509&t=pageview&_s=1&dl=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ul=en-us&de=UTF-8&dt=We%20Love%20Wolves%20Blog%20%E2%80%93%20We%20Love%20Wolves&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=1419246429&gjid=1139934436&cid=1719194481.1702332204&tid=UA-100410125-1&_gid=361710279.1702332204&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=942710591

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://welovewolves.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welovewolves.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 black-wolf-768x511.jpg
welovewolves.club/wp-content/uploads/2023/01/ 79 KB
80 KB 8ms
7ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2023/01/black-wolf-768x511.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

e89ea0d080365119977aa1b54759cdbf8c2010746cfcecb1960be67abae7c78d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/02/2023 16:51:13
cdn-pullzone: 1353075
content-length: 81111
last-modified: Sun, 01 Jan 2023 20:57:26 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63b1f3b6-13cd7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: b155a0e34f16628bbe546caf6600c09f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wolf-in-nature-768x512.jpg
welovewolves.club/wp-content/uploads/2022/12/ 118 KB
118 KB 9ms
9ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2022/12/wolf-in-nature-768x512.jpg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a8f924bbc3f381636d98cfff0cb411053b4bbbf78ada2b499f8ef8f087c7b179

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 17:15:14
cdn-pullzone: 1353075
content-length: 120372
last-modified: Wed, 21 Dec 2022 01:45:45 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "63a26549-1d634"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: e472d028fe2392b332bda305d5f2040a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Screen-Shot-2022-10-12-at-11.08.23-AM-768x471.png
welovewolves.club/wp-content/uploads/2022/10/ 572 KB
573 KB 12ms
11ms Image
image/png 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2022/10/Screen-Shot-2022-10-12-at-11.08.23-AM-768x471.png

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

f0125e3b0134cc123d18987c208c2266ad12de3f298c91ec7a40b38b9d25f3c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/02/2023 16:51:13
cdn-pullzone: 1353075
content-length: 585875
last-modified: Thu, 20 Oct 2022 11:59:10 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6351380e-8f093"
x-frame-options: SAMEORIGIN
content-type: image/png
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 1378fd753fbf7bbae8d68248127d4e22
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 wolf-768x513.jpeg
welovewolves.club/wp-content/uploads/2022/08/ 58 KB
58 KB 9ms
9ms Image
image/jpeg 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://welovewolves.club/wp-content/uploads/2022/08/wolf-768x513.jpeg

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

650786bcf4f941b13370042a766dbbd1995e3524e0046b620c29deb379fa65ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 17:15:13
cdn-pullzone: 1353075
content-length: 59130
last-modified: Thu, 20 Oct 2022 11:59:09 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6351380d-e6fa"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 53c0dc11d06e6422f801dff1c8c034d2
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RJ1MXGPJPF&_ono=1&gtm=45je3bt0v9112148127&_p=1702332203794&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1719194481.1702332204&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702332203&sct=1&seg=0&dl=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&dt=We%20Love%20Wolves%20Blog%20%E2%80%93%20We%20Love%20Wolves&en=page_view&_fv=1&_ss=1&tfd=1211
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJ1MXGPJPF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welovewolves.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RJ1MXGPJPF&cid=1719194481.1702332204&gtm=45je3bt0v9112148127&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RJ1MXGPJPF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welovewolves.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 41ms
17ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RJ1MXGPJPF&cid=1719194481.1702332204&gtm=45je3bt0v9112148127&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=897428966

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100410125-1&cid=1719194481.1702332204&jid=1419246429&gjid=1139934436&_gid=361710279.1702332204&_u=YGBACUAABAAAACAAI~&z=862878536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://welovewolves.club/
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 11 Dec 2023 22:03:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://welovewolves.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
welovewolves.club/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
4 KB 9ms
9ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 05:12:17
cdn-pullzone: 1353075
last-modified: Wed, 31 May 2023 14:45:25 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"64775d85-2801"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 9f6142ab16bac3c328ab064bdd08ca98
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 index.js Show response
welovewolves.club/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 18ms
17ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 11/29/2023 21:58:14
cdn-pullzone: 1353075
last-modified: Wed, 31 May 2023 14:45:25 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"64775d85-328f"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 226b9002d8ff966e7f24f2a3d650b62e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 navigation.min.js Show response
welovewolves.club/wp-content/themes/kadence/assets/js/ 21 KB
6 KB 7ms
7ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://welovewolves.club/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/?bypass-cdn=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:23 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 05:12:17
cdn-pullzone: 1353075
last-modified: Mon, 23 Jan 2023 09:19:23 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"63ce511b-543e"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 413adab1-c8d3-480c-b64f-f1e6e8e8f466
cache-control: public, max-age=31536000
cdn-requestid: 49cc08b46b3d08ef18c954db31461e93
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 40ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100410125-1&cid=1719194481.1702332204&jid=1419246429&_u=YGBACUAABAAAACAAI~&z=2064460054

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-100410125-1&cid=1719194481.1702332204&jid=1419246429&_u=YGBACUAABAAAACAAI~&z=2064460054

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 458 KB
458 KB 64ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama.js?client=ca-pub-1870775526215126&plah=welovewolves.club

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a911d00cf9bae444cd4c844a65fca6e8d079337a0456e36dedc5a6e7cf636a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:24 GMT
x-content-type-options: nosniff
server: cafe
etag: 16704641264690964787
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469327
x-xss-protection: 0
expires: Mon, 11 Dec 2023 22:03:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 65F7 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1870775526215126&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 62321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 04:44:43 GMT
etag: 14902866265712643852
expires: Mon, 25 Dec 2023 04:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4EC3 516 KB
175 KB 701ms
701ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&adk=1812271804&adf=3025194257&lmt=1702332204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332204090&bpp=7&bdt=332&idt=221&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5599824519156&frm=20&pv=2&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=240

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama.js?client=ca-pub-1870775526215126&plah=welovewolves.club

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1be5c00c4748de2de674b71af59a7cf0060673953caee9d24e3826d4cc40fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 178485
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Mon, 11 Dec 2023 22:03:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F80D 730 B
641 B 553ms
553ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=2293688473&adf=1133003084&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702332204&rafmt=1&to=qs&pwprc=2144566648&format=1200x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332204097&bpp=1&bdt=339&idt=240&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=242

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90aa8105602fac230b09110c709bec96885e62bdcbfa876d1d2b6fa4e694a883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:24 GMT
expires: Mon, 11 Dec 2023 22:03:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 56ms
56ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef37de34244f627f95f6478562a1153c64bdfd03a51125a0e4ee7654f10582b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11962
x-xss-protection: 0

GET
H3 200 reactive_library.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 190 KB
190 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ba56d2d49f34187487e370afc0207fa941eaf8586b6c39cb390e70b54fca447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
etag: 11843540233875606921
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=1209600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 194076
x-xss-protection: 0
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6085 57 KB
22 KB 627ms
627ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6521ed5ca6b8cb0dbf0fb8571e37b8497cb888005c615bbb0b0d3f83fa7449d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Mon, 11 Dec 2023 22:03:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B0D4 46 KB
18 KB 540ms
539ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c49ea72eb719dc487321fbf87c2f54313d67fabad62f9cb7cbe66700eeb1216b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 18326
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Mon, 11 Dec 2023 22:03:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44808454&hl=en&pvc=1761861794546958

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=1761861794546958

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F430 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:36:38 GMT
expires: Tue, 10 Dec 2024 16:36:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4ECA 829 B
985 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee945c54dff07802e81a7d57d7cb271e7b7deaeb9c868594ccefe22cfa19ac82

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-X8GwcRbfDi7p9zm61kbMtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'nonce-X8GwcRbfDi7p9zm61kbMtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Mon, 11 Dec 2023 22:03:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F430 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4ECA 0
0 41ms
41ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1761861794546958&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame B73D 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 61467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 04:58:58 GMT
etag: 14902866265712643852
expires: Mon, 25 Dec 2023 04:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 67FB 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 61467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 04:58:58 GMT
etag: 14902866265712643852
expires: Mon, 25 Dec 2023 04:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 3CCD 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 61467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 04:58:58 GMT
etag: 14902866265712643852
expires: Mon, 25 Dec 2023 04:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame B81A 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://welovewolves.club/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 61467
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 04:58:58 GMT
etag: 14902866265712643852
expires: Mon, 25 Dec 2023 04:58:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame B73D 400 B
302 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B73D 205 B
295 B 33ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Sun, 10 Dec 2023 23:43:31 GMT
x-content-type-options: nosniff
age: 80394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 09 Dec 2024 23:43:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B73D 604 B
1 KB 32ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:12:22 GMT
x-content-type-options: nosniff
age: 6663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 10 Dec 2024 20:12:22 GMT

GET
H3 200 fullscreen_api_adapter.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame B73D 26 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afe89fe2627e2661d781a84f97d6756b1c3918e34c1c19602192ffbd96d14c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10128
x-xss-protection: 0
server: cafe
etag: 1070317485174665276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 04:31:49 GMT

GET
H3 200 interstitial_ad_frame.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame B73D 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6689f5194509eaf1423dab888f54a0b30278820c9272e7e5849d7e046689cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 04:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13246
x-xss-protection: 0
server: cafe
etag: 5770450008647702631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 04:31:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DB7C 624 B
300 B 49ms
49ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJbH7PgBMAE&v=APEucNXyzbqYY2DE93Uj0sTwsgaNHJbciAXw8ut0qVXLHcs8ibZyEhsGUwUBOVDhUgYh-8SXsbgXARnp4LaehUQQ2dy8SL-emy94h2YQfxFdDc4z88HRjGrtyp12EHD2XoGlZih_B6OyXSUoXmAIFI9QuJWWCYpb7Z6ab6uVrrrkzD9YD8GoakU

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Mon, 11 Dec 2023 22:03:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C1F4 31 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame C1F4 11 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:57:58 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C1F4 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 16:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 16:25:15 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C1F4 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C1F4 30 KB
12 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:49:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1F4 202 KB
64 KB 94ms
48ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F4 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DV8JhC9ISeQfHUy8vIzmwcANMd0bdyEeKWRVpCKlQffG7Tu9PdUKUhtqPNhp_6NfxaUUBhsJClYFT9THRSs3TqEM36jVRnuCPg8XPQU_QgQjevfc0

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3992229840010924531
s0.2mdn.net/simgad/ Frame C1F4 50 KB
50 KB 59ms
7ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3992229840010924531?sqp=uqWu0g0HCNgEEHhAZA&rs=AOga4qm_5xbP9bqvgWBmr8VRI6J8WGm7Dw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c59e045f05274327afab76d3338e31e5ae5ac357ba4428c9d81b95eb395c06f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 18:33:48 GMT
x-content-type-options: nosniff
age: 12577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51087
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 14:40:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 18:33:48 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame C1F4 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 21:52:54 GMT
x-content-type-options: nosniff
server: cafe
age: 631
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Dec 2023 21:52:54 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 3CCD 295 B
319 B 8ms
7ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 21:52:54 GMT
x-content-type-options: nosniff
server: cafe
age: 631
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Dec 2023 21:52:54 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 3CCD 31 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A776 143 B
166 B 9ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 2027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 21:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3CCD 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3CCD 30 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:49:03 GMT

GET
H3 200 16641305991265644500
tpc.googlesyndication.com/simgad/ Frame 3CCD 35 KB
35 KB 10ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16641305991265644500?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnd4QOMrAovy1shV4_AYUiWt6MgJQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee696a7f7a7a0401e2e3a1f81fd8e8e6e4a1c875eda791e81cb42a6a98c4f87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 09:10:06 GMT
x-content-type-options: nosniff
age: 46399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35677
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 18:59:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 09:10:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CCD 202 KB
64 KB 81ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3CCD 54 KB
20 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60fed3181b6988afdf2820001db18b9ebde443b9899fc4e89c6ae5c6bf6bdd33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 02:18:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20059
x-xss-protection: 0
server: cafe
etag: 7956693243444632869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 02:18:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D91 624 B
300 B 51ms
49ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXvupZmgD7KhNDkmIihuVaSRleDWOCh6JHawwbaSwMHIXjwo6lIMVhcEi3bpGpYpc7BgkzdJyBKaosowxTCpvp74-Xq0AG3wGcmvliybceX6D5M14DJmaKLaR-A24L5n0dW6uLbHQ95Z1m9PbEWKGxpC9ZZLo5yRqgtbjXIO286ybLuIgc

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Mon, 11 Dec 2023 22:03:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8643 89 KB
89 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91013
x-xss-protection: 0
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8643 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8643 30 KB
12 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:49:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8643 202 KB
64 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8643 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AucR7U9Htlcu3OURjJ9kmvQzlrl-MjIhXxdezM19MkRs_HDa4cInrgHNQBSVClxn26oeoQ1lQ_rrhjBDj0kfaNHgWK4GDAeYSXkr-q_8gaSO2mrNU

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DB7C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGCzR_CBJDOZoNF-XiBqcQg&google_cver=1

43 B
339 B

19ms
19ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGCzR_CBJDOZoNF-XiBqcQg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJbH7PgBMAE&v=APEucNXyzbqYY2DE93Uj0sTwsgaNHJbciAXw8ut0qVXLHcs8ibZyEhsGUwUBOVDhUgYh-8SXsbgXARnp4LaehUQQ2dy8SL-emy94h2YQfxFdDc4z88HRjGrtyp12EHD2XoGlZih_B6OyXSUoXmAIFI9QuJWWCYpb7Z6ab6uVrrrkzD9YD8GoakU
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2y4zU7BYTEgSv5fV8FAfQhEscxV%2BqcvN%2B69PWzMIVzxp2MAdnNyjVJByX89m3CJxUR59khRks1eyiwxYGmzfe20GpUBxjzTYDQrZLLQ4UQRH0hjRFpmkelNCgrMKQN9b8pI6cKz%2B3kHNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8341047cbf68049b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGCzR_CBJDOZoNF-XiBqcQg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DB7C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXeHLU06BrSIxhOCmm667QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1

43 B
768 B

24ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJbH7PgBMAE&v=APEucNXyzbqYY2DE93Uj0sTwsgaNHJbciAXw8ut0qVXLHcs8ibZyEhsGUwUBOVDhUgYh-8SXsbgXARnp4LaehUQQ2dy8SL-emy94h2YQfxFdDc4z88HRjGrtyp12EHD2XoGlZih_B6OyXSUoXmAIFI9QuJWWCYpb7Z6ab6uVrrrkzD9YD8GoakU
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5PtP%2BmUGPbKmr84Rkl%2B9Qs2iVFxVIolfqmLHj3zuxXQq5vSTNdoi5PgiBDM3gptmNgNAVvfuPV0mPZXC3u0igsvFs3fZI8TrtQMwryo8WfmjqXNeJ2jr5laJ76x71Okd9Syg8Dsu%2BwPZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8341047d0a8e91ea-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DB7C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1

43 B
519 B

22ms
13ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGJbH7PgBMAE&v=APEucNXyzbqYY2DE93Uj0sTwsgaNHJbciAXw8ut0qVXLHcs8ibZyEhsGUwUBOVDhUgYh-8SXsbgXARnp4LaehUQQ2dy8SL-emy94h2YQfxFdDc4z88HRjGrtyp12EHD2XoGlZih_B6OyXSUoXmAIFI9QuJWWCYpb7Z6ab6uVrrrkzD9YD8GoakU

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
an-x-request-uuid: 0f44474a-f54f-46ff-a382-c6b100f63677
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.42; 81.95.5.42; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuid
ib.adnxs.com/ Frame DB7C 43 B
569 B 58ms
14ms Image
image/gif 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
an-x-request-uuid: 91e4a18e-b3e2-4779-934a-90307705d9f2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BCED 557 B
302 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be62dcd9be0d9bc619ea4b12d44e7ac1da40db23011580272cf0129a3226de9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BCED 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Sun, 10 Dec 2023 23:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1182
x-xss-protection: 0
server: cafe
etag: 16216481440669322801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Dec 2023 23:44:04 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame BCED 295 B
319 B 9ms
9ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 21:52:54 GMT
x-content-type-options: nosniff
server: cafe
age: 631
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Dec 2023 21:52:54 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame BCED 31 KB
12 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BCED 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BCED 30 KB
12 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:49:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCED 202 KB
64 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H2 200 54d1c22c3cbefc4e5c3655ead0d764a5.js Show response
www.gstatic.com/mysidia/ Frame BCED 54 KB
20 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/54d1c22c3cbefc4e5c3655ead0d764a5.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b496fae0bf22e95b2ff8eb5477cb418c118245ac7e9a042dc5bac4a59e7ec249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 09:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20527
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 09:18:12 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F430 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5Efr5w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame AA6D 38 KB
13 KB 12ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 12:30:32 GMT
expires: Tue, 10 Dec 2024 12:30:32 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7D91
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1

43 B
331 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXvupZmgD7KhNDkmIihuVaSRleDWOCh6JHawwbaSwMHIXjwo6lIMVhcEi3bpGpYpc7BgkzdJyBKaosowxTCpvp74-Xq0AG3wGcmvliybceX6D5M14DJmaKLaR-A24L5n0dW6uLbHQ95Z1m9PbEWKGxpC9ZZLo5yRqgtbjXIO286ybLuIgc
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0%2FK2JTG0VR%2F%2FjIyAoPr2iGtUcWF%2F%2B1To2ij26KBToB1nIBHd3X5CPnur4Q6%2BA%2BhjXVJrYBgowEKxx0gAORtCPGqiwI2r1V3xiFDiV2sZg%2FhT722gLEc7maI1U5CY77m2eiRZT3MvM6G3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8341047cbf66049b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7D91
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXeHLSDUVcVy34E9zAv9GwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1

43 B
738 B

26ms
26ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXvupZmgD7KhNDkmIihuVaSRleDWOCh6JHawwbaSwMHIXjwo6lIMVhcEi3bpGpYpc7BgkzdJyBKaosowxTCpvp74-Xq0AG3wGcmvliybceX6D5M14DJmaKLaR-A24L5n0dW6uLbHQ95Z1m9PbEWKGxpC9ZZLo5yRqgtbjXIO286ybLuIgc
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Bsl23NDjFKOK7VLyKvzLs6Co%2FGCsX3S3FVLXzdbYv5BdJST2D38mTdbKGRGNeMTmsZp0u6ynrMuOgXJmUS%2B%2FSItDLYDjBnJrR6m7I0TXqjUsDgr%2BnvGlPgEfPawMFQLiCdCtUtI5j%2B9eg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8341047d0a9091ea-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKc7L4Ml5hcnQzG2H7NN2w0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7D91
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1

43 B
518 B

14ms
13ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGOWv3d4BMAE&v=APEucNXvupZmgD7KhNDkmIihuVaSRleDWOCh6JHawwbaSwMHIXjwo6lIMVhcEi3bpGpYpc7BgkzdJyBKaosowxTCpvp74-Xq0AG3wGcmvliybceX6D5M14DJmaKLaR-A24L5n0dW6uLbHQ95Z1m9PbEWKGxpC9ZZLo5yRqgtbjXIO286ybLuIgc

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
an-x-request-uuid: f1ed37cd-6a3e-4ed0-9fd7-02efc35ce047
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.42; 81.95.5.42; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMF4YJxZlj82lhe4GswkQR0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuid
ib.adnxs.com/ Frame 7D91 43 B
570 B 36ms
16ms Image
image/gif 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
an-x-request-uuid: 733f7dea-88fd-4f1e-9f50-fb8d685e4c5d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A776
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
16ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Mon, 11 Dec 2023 22:03:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame AA6D 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8643 32 KB
18 KB 173ms
173ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKeGpw_e4SHLD0_sa4KZ09BiBiyAubUoqxMqiAnLerZUEiLwsy8E5EjVXpBFQT4Y-hiCCgYgVnsgXCTmUaK0qvK0Dl6n3xdFEFeUwhQ_fMeuRJNzPLB9UHHgxeZPdjisX28p6N43JapFCtuCX6G46JSdayKCPmhL7LED6y0MeKn68ZMDc&cry=1&dbm_d=AKAmf-ALfjuFGXjRN8VcRNo9QC8ir9mb1S42hu69fFFFKPggJJEiqpckjOwWrVRICQkMzkRW0EqtYQBxjMIzxekFfDrIzwnFscNhPc4akefTQwEhZaah6c0vjfNZpGj88hfbJLiBlz9gRKjLhgFdAJmggJek1TEy4T3GdnBws9xf7LvN5nFQjqBNPpAmVbEANkptVoULicBRliig4YHLwfuMIyfd_hKoF695REJV3z8jSyHpqHLBTERH-lOhxsBuhLbPexJowYK_J4LoDuEZbRvP9uIdCOHD1n2O2eOTzXqVF5kCiBkYXffbKd7elmcYcg7UFyqLMj59p9beApAmzUENKVdCMWW1nZLkl4EToprz2Bjf3GPwO75gjEAzi79qKVgteWf_Gov3M-wnoomcQCAg2gF6-awxPZ_r0WzXMcli2SMPxvhcLzSOc0UNXMzJNEKB4Jk1PTlATistJhKZayWWKbBrXJJx3yel5lnuYbOeZAoWWVhQd5m4eVTXwRr01E5PY--rufIRwLvSX1HrRYh9KtsI2e2cDSeWoPpzxe89DS5AHAI4Mb2_uiFw6upiTQxyN9mw4wfxkd0ReTu8Ar1KVuP1Z73Ic1cjtSBJmp2cn1OZh_-Fs-mSNgMK3wJsbwvzirHszh2TN7UDPGzaNdUEpVzw0xrEUs0SuUMT8L9zh85MAoB2x1JhYtTXylQaRRLGL00UgPSAeUApIdrwxj1c9BG9QeWQ_0H7GvBe_LTykx97WqcH2hRkKSsc0gML_NhdBDmuXepBZ26BMRiA5encDD4kQjPwK5i54nkIT0ingZvkCm4TCSC4GcPIZpIC89fDy5Srpquu701-taRXRJ_86wBNUBIl5EusZKTQVr2J3L-ATL5DrfSyCLGITfTgqPX3wJ8tSpiK8aBBbtEgi_nPgNEyvzaMua2Ns3zr7XR7NOYqwSaJbpmqvI_DdM6PMXgLsITNl8zSJtwLR-ovAABg2GRGm8FrqSvavQK2X68HH88mwmT9ULBRwXRZdYoi_59bnhkfTY6kUzUj5rC4mwGQTyX4xoROC5rBRzw1hSnNfjKT-XIovzqJgLYE9C1fqXBhRsSPUQahYEJkQduWvPiORGDrI-wCZAwF3RBNqTgj-CIiJnMflnfFwJ97xGV-_NyM7XA0EIdPilr4kr_Fdjsy9jjByvz43ldXX5xUD_bdQZi6BlRcHjZ_RXsDK1acjEqEd3tlQlt4S8ZHrI368AIZZ0Rbj2e1JZ-lfW3vFM03isX5UAPH6l7658ONeiW9mDshn3yOgXtvMV4F-M-BuQk6zvn5apMAaayElC8jSPQxF-rIGVFhUdMG2PTV2-jvCADXvdior3Eg39dl1rmTQkV_q-QPa9eKdkQd6rQKyU4ibgxf8DPxPbvAubo2OBygq5Irytmdpg0w7tv9vGCllC1DwxZ-I5h-gX-NdS-xG7jKQRtcW2FLjbjelauRjNOJpeV8hTo4ZLvgEXH_WcxXCX36KjSAq2yKem4AK4FZa1H3-ruZ_WQmve3CnUEILVS1kIja6d9aHj8JRMo2qcyz2Tlb6JyPTRCW6MipMRnjNEuH-HL0MLKisXxjlGLEjtQoEvGlCSpeyZd7srayZar-leaKLSUAhA94lJbqyuWeWHWy07d9_mtQueRb1nJbbBj_syN84sDRGXCt5z1fuaBTSFoSNdeIGxHWHa0ffgxJLQ9cn4dtHDQlW_xJPLgPGPMrNnP2LK-YVzhTZX0qURacwz-Ut2skHxZKytwhpRlh9wMBPgU3t36Gl88eHL5q13wPuhERyyBtnN0vqtVnKF12zCYP2D941_dUUxdZOHuOMTYOW8inTMP2FGsF78-mMFfbGXGUfdRueWQ4P17TnbUbObeXzbfSb70D0Um0GDawMBbZrgXOrDQyE01jXISTHpfpKTZvsWtm9yeoOQ8cW7qGVmKw4XECFBlpGtJqEGCIfFu0Sgu-28R4F8PKnGViK9i-qU4EA47uQuEPPvk7ovIVn_9QUpbXy2r061XSEcQiEc1eQuyD2yAtZraRkrklSi5gF0FGCUZqFNxal8wslspyer0iyDhJrxxqIb5uWPtgkPfpuRG3PXP6dUarP9Nl9FByjRMWspg2BRXzCkt9v2QwkPEAznwUD7AIWCAlAx43sgQ1mw_jfFNUTOmSUytuAyPRpU1uBIBxCYIl2Bx_vckw4FoJMkr2SzrkqbLhEi6rSXgbcbvwuMtDVZXyUXuxFflJpvJOHnyXehBBFAmBhCuGjJQyFbCeX7F4T3DZntvPqcA8pzUHRYvM3y-LZg-3CWvk3hi25Hu9-K1XaxWl4ZNN6-RdmlqwV2dG8XDq15teg1cHvJrq4GDglmyRoevaeVFrvdf2eG0bzHBRzTKeRNaH9jd-FMPeiN-Vb9PRBB5kKRcw6CCMEMOYqur1KIUj1qOgDCc2ltLcUpzuNrrZVtIXte7S78n46UXg6MU0oI5VKEE_Hsv81xi-JJNauIWM3W87UMLX8fmcbbkOFgPLoIWIZUKntcxAVPa1jjdFuXU-BbYgQMhibtXpwABvMKU34NbnK5u30DGqY__HOfw3n5hPrjhnsxilMA3CrPHcS98tAUWhoU0IC-Waak8vAiO9mDg4zSHHhVWzPTR_E_3x4yCyVjI2LAu3XBWWnY0TCIjewYOYO4i6WJfvQBHRY469nKrEb1ia6_vTfhMyRcnGVDKN6A8m9SpRhmKj8ii82fDicTUfznRfaAAXjGhJsoR_CqMO9BU7GtKfksskTc6NLBpnUO-5A_VyahI-3WVsRzVBEzP5TAu0B01pHLr5dhfBcti_P4Z0EVo752OFGvPoxq0nmLgD2ZOoubLUrb9jqFOEv53fjVm0r7bY-Mfw2kE3wrXUtdUKfJgSB-tFnXR5XC5y9hpmUsv1a19jkv-er7FuCvmMOfsiHELo0cpMoDbwJlz0bnDKIasPSNo_p5R9dDpIpMU7-IFGvfozMyxet9X5GR-IUPRDFKSDsCEhhm6KrijFUXaa2xl4rgEFmgdfzzW29gqUeL1P6okEjDUom3TO9uITMJN0nwCvRqDRrD2UHQRTLvNxsPr-hcZgygo1lincklgbrTe5rN97W-b6-kaanqSudvvGGmcuhCpbDUMXBp_TTLoUtKjphkoGDz1ZXQWuj3Owv4QgTuUNbTCXH1SQ5QtH7RtES6qepnpF7zi7o-ad0Mo9QjSmxUZhW1fjQwMpmIAT2EnJNXgl5M-_j1cOkmI_jcRUgF1TD5QhZEKQ-TfDcWH6pFoQ4HpxnvJQWOWONQlltV55iRqwwUq69dnmHW0K0FmUaS3PYop_V6ZxDmn9VZyRKpSt0kLK6y_RBoW8PVTxZQlAGdOhsButuJl_nav3u8635uRsIy9ctXsgOWObnQfIvzNdl-8n3JzM7iYzGU_ka7jW66pl7yEzCUEh1ZOZDfth4d-Mh-zjv6jFvEoJ7sspbrUzyNd-5YqQjVjbIrBZsJCHXpn8N0m1lPJ-BM1rrzIg4lzq1KKEDf2vpcqKXw6R0Klg7tAqQn6btYaC_86Z1802gt749ZdSvOhVwADYs-4nl7QDtNDAqIPzexkaP6PqVdDTdh5kJax2ZetgxwUuhP9XP8RGPYrtzClnLzGKyxzB8bTPunlR-yHK5FRV4Fumr7jXFA--rMVb9tRsBZEw_SwmCdA2aTgR3s_WOSPrsamBRVfSiaU&cid=CAQSTgDICaaNgsA84zmgkHEziPo4uBQI9tkJdUIStBuqGThrnV7GAk0qN2jUFUyIPvINT9ptuWsMcIyoTuk9QCQdBLpB8M_MmWWjxnMi4sg3yhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwelovewolves.club%2F&ds=l&xdt=1&iif=1&cor=263009624836499260&adk=2935317966&idt=152&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b87aaf942758a5e007daa885d0e92fd189f5da0eb5135395e7d9c11e6b907a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18731
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8643 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=729924016837&version=m202309260101

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8643 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=729924016837&version=m202309260101&ct=77&x=1&cor=263009624836499260

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F3C5 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 10:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 10:25:47 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F694 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 10:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 10:25:47 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C1F4 0
0 147ms
54ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyuat9U3M0NVUu1lsEInZmxnTqD9aK8Xt1bn8jhKk2BmqMcmTjo8M1AIwWI8-obJYZk9ZaA9LqIAUhhL8pHKO6z6qJQd7LR38frL8F36qN798sP7mVq_0TCoTcpl9PdN-QE2KKvB-UIWAbD4uH7VjaPLysvQSIxWJ-k6y955dHunxUxyIT-OyeUB70SUrAiFH9cl8VE9O6xx396_xds5g5UO9JMXphAqIYmg6svwUP_8TYDPhTpIDbQ6ETnq7tf3ENxIV92ICQVeMdc2zQJuzbCiYTI9rY_CiBs2fEJch2IGGyWwehC0UAaq734aiD3Q0tMeMNQSieP4yB7dhgL8ngpSqnmjjCImP1g21TGqjXnpvlFO4xG32g80DcwXGT7y5YUnakirMmoYCzLWEj5OVsBESV6TgIyLGWbqA4zUyc3Kn5bUSVo0c7rMji7i535vJbOxCj8tTwQwGUCTBiONSXT8FPtO0PtFY0HQGI7k98PzPFVdjE3A8VhgIiifinsrAqOdjVVAT4Zy7yWNf0mFkO6Ew3ZLSaiNRLEWNaYJi9NhLhRJoLdGcYX_ApXnttTR6btgUhFiTnTf2I38vo3q9fQmAiWnDjkC9_xgTsqvxwoMJHaWShZAhK5gbeiEKyN7Qf21NrDbPW6K-f94vRS-_sUd-GsPYboIborfCqW6q4am1AKKCwSett8lau6yzqqo2qhl5GGUEuGII_o2eJYGR29kM3swtxhikC9kl78s588GLbe9ZRjXdMTSqhbTx5aV53RycJ_mD4mNhzR9hI2rhsHrVs5N_Xzu6yDwI_xoYm3wKlzo-AXmaztWX_clgT7a8Fb6JdDArPI4CfU_oftSxdqSsc1J5fcT6E_V_nYqqSBU4twTDClLUXO-kSRUHMVoIoKCcht6-3knLCzXxsbnG6zEzKdVNdTHesAUYogeTm7moHyukaqoFTQsR-x26PAYy3Rzu4Wi6NBri8AsQJJw1fP28Fw9NFa6sUKwmMSKUJtwA5YkJ4YcNcDMl6OCkWRKoWHHQmplOc7Y9WAZe4iN86uH9aZKnD2iiFLXw0QYs7yEKzokJKGZgHHRJ8iUhOEbDOIOYK62voqhSPdJyVN6PI-oH83bD0KRCY4vuj5XcUr43UM22bTNlVdorXc-vOCflgZ8sYLVInDREDTjEAaDBbL-r8dQ-s-4wfStept8hSiAYFTD6T-RQO30QQ2TkuZFYIPiLDWIiqT6-7DV-V-4ec6s8VyCy1TrT-5EstyM-6L8FZeY1oSalQlo8olUteZvP_b6pFj-f4-uVXoWSKvo0lDP793rD3z89nk0t87_qwHBRZ4xuS8MLRLZfiVwa3kQ&sai=AMfl-YQ6RlLzaQpq_s37A9KP7nTEHgZRfifSZnM1WNw8bymwSfiI7maeIIlpzUGJspObAMXH0NRagure3aVLkf0dbG4wpOcnTodWRz6qlNOqZfssS5U_CJqlHttV2pvVyWYjhGKMyfekBtPDDcCTw2vuVPpL1nQgynxkTGJdXA6-o2TqdrwJxXi3ThZyfJqsEqPY9KRYQDJqZVEkDiQiwjL_7faXLJcuI3cY0ouvZGBKGiMs2FwaIOa20K8UersqQ6ZPHZSKrPylCEfvf5xU8gEcSWL4SR9YRUcPdxPeLxskO9tRzcWVBTvJ6FWTmGXmTbPhV61jr4XJIwA4xwQmJ17_s_7u024Nv2qy3TaK8YJNdAK9BArGYviOy6x1vsW14VWtjkw1O8RxVikurtaNvf8jPUovHwP68MwRDl51ZaZpI26CxZyJPDCNgXyKzvrORhRcGSnA5K3x-rtesd7aaXpXzKdNNuQ96axySQqzznrt0DUREMnJl7UfIfE&sig=Cg0ArKJSzEp0ex8uaNYCEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=229&cbvp=2&dett=2&cstd=0&cisv=r20231207.47175&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: welovewolves.club
URL: https://welovewolves.club/?bypass-cdn=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA6D 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTUKnLId3ZcuOGs-z5LcPttypIAAAAAA4AeAEAg&bg=!LS6lLmHNAAY3kmNgF5I7ADQBe5WfOKsq53fobfEqM_XvOOYbmCtkv78fc6u0x_STxqnzqobox0zWP2ihchDsLQfYj2OfAgAAAFtSAAAAAWgBB5kDA99O62NCvGZZbecwUlL-dS7FHRl9x3L73KZIHeHhgQ-8a0OoFq6S1sjk_2IzlviOXgmpNtdUYrAJGxP8r7tgEBcgcSo-PAveroeL9FmY7wm919mSlzEUVe764vWC_Nk79HGdF0-n-oLA7oFvVWPXDIuPg0cvCNGu4k7uizqm2uyWGvCdwpkCCxLpTGY4bcB9MjhZHBlrQ9WNMjnGcuFGlDVjtk9y4b32pP6tEF2aMlbGgzjKdJajznQbMunZgvrg07l5u0oRGtT7zg2SZ5w4p64PxDQyeegVNqdl6yxGVe754jyQVpHsPrFl0VP3lGwO0kKRby7dUEEJakosWYy16cwAaeclyDZRHQnsfjL0VuzOY_gPNyBzJKm7QaogoyXTX1Omoiw4TxXvLMxPqqkSuOcCdw1z0D-2oLKeICdp6EoJ6NRlcuf_pq7CHxbFnJXisWhxaNT_LtRpCJKAtPQ_zra9Xl4J_P38C3eyIBaNKtd0ntOc-LjcUHpqDXUUDpAQXvyX4G0kW-qp4Fmxw7bJ2ZOTlOrHj9OiSI6fMWNoJF0YM4hVK9H-VNF0-ovesk6Nw1u5Mil39MiTPo0q87oqEQCMT5fGDhzziWOM4U5h6Tvtox4t-ZU1JRC5E84yd4dnUWIHR59eDG0UzUpCqKEYchjHgQtcG7LqvMjDSUQvhS6lv5lECU8eJGev1c032gKJveSLbFIskcu6Bkd4jjmWgTyDoHiFormaBMuwdG3w4YQjwUNKFaRfzxLnjIWBVJbwEYaZmZxD8GmQkgYJhv3XjRqWxiXhsx56Xd5DBFyX63UHthuIVGLT2MI-ItmVXwt9TQsFkdLOk5VqY6NHHcS4xOvPHoP3-DuVD1OH7SFIE0Vkp4SGNRBeNYNR2a1ZNNR-HCX-I0PZ9Tr2x26LH5OLQRHIo9Sxn7JMfFSAU0tQVDKvzhoRVDrePP2BUiTcCY_Bnr88DI2KuwDjUHs8kkwZiOuE-1umXfrlJAw8T1xf6gJlW8GigvYgU7KDKj4D0illSxwHGg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 7925 2 KB
3 KB 67ms
35ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jtsk8pb6qmn8x6mx9j7ds5t3zyjgdapmnqaypwzg84whdp29qk1rdvmfxvyjg9wbdve3n1jbcwptk5wpqk66rceh254pnja8jdgdvsnyvnasttpxy8r9r0fmqh28jfecsxwtg5vwdcr4x34gd54dkd7zn8zt1zgbess0kyx8s48bh2m6rkvgd2smdnvd7sv97g8a4a8tj82dq7rdqh9rcxbawmkyteyfztfhzr6bbrcdema8k21tpvfajxkf9z94xb0m9wepv69a5h2vw97tjrazcqc4fsgghshdwnz75y4sbdsnkphzaz7j5trfpm7fcw1pcayhznnh7c1xvvemma6nmazfbcxj5b2qv6gqk876zf5h05f7yaxmn8g3ervhm7xn13k497y4qypf5099zwnppg093ex08ycrevtzzgsqz5534&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%26client%3Dca-pub-1870775526215126%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb91d1ee79bb03fcc0e6f6368bfe3450d59208d9739f8fd486ae98ce280d29b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8341047e680c3835-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 85CD 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8AEF 1 KB
644 B 9ms
9ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 5011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 85CD 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:49:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 85CD 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQT_5NclfPh1nZiiFaxBil_l_MX8e-pffeEEv-3GuTCKMMO9pZ5WWtqVC1d7z_dwqXq0e_jq49bGyaNiV9iuu54aeMKfA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 85CD 202 KB
61 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 21:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:47:42 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 8643 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKeGpw_e4SHLD0_sa4KZ09BiBiyAubUoqxMqiAnLerZUEiLwsy8E5EjVXpBFQT4Y-hiCCgYgVnsgXCTmUaK0qvK0Dl6n3xdFEFeUwhQ_fMeuRJNzPLB9UHHgxeZPdjisX28p6N43JapFCtuCX6G46JSdayKCPmhL7LED6y0MeKn68ZMDc&cry=1&dbm_d=AKAmf-ALfjuFGXjRN8VcRNo9QC8ir9mb1S42hu69fFFFKPggJJEiqpckjOwWrVRICQkMzkRW0EqtYQBxjMIzxekFfDrIzwnFscNhPc4akefTQwEhZaah6c0vjfNZpGj88hfbJLiBlz9gRKjLhgFdAJmggJek1TEy4T3GdnBws9xf7LvN5nFQjqBNPpAmVbEANkptVoULicBRliig4YHLwfuMIyfd_hKoF695REJV3z8jSyHpqHLBTERH-lOhxsBuhLbPexJowYK_J4LoDuEZbRvP9uIdCOHD1n2O2eOTzXqVF5kCiBkYXffbKd7elmcYcg7UFyqLMj59p9beApAmzUENKVdCMWW1nZLkl4EToprz2Bjf3GPwO75gjEAzi79qKVgteWf_Gov3M-wnoomcQCAg2gF6-awxPZ_r0WzXMcli2SMPxvhcLzSOc0UNXMzJNEKB4Jk1PTlATistJhKZayWWKbBrXJJx3yel5lnuYbOeZAoWWVhQd5m4eVTXwRr01E5PY--rufIRwLvSX1HrRYh9KtsI2e2cDSeWoPpzxe89DS5AHAI4Mb2_uiFw6upiTQxyN9mw4wfxkd0ReTu8Ar1KVuP1Z73Ic1cjtSBJmp2cn1OZh_-Fs-mSNgMK3wJsbwvzirHszh2TN7UDPGzaNdUEpVzw0xrEUs0SuUMT8L9zh85MAoB2x1JhYtTXylQaRRLGL00UgPSAeUApIdrwxj1c9BG9QeWQ_0H7GvBe_LTykx97WqcH2hRkKSsc0gML_NhdBDmuXepBZ26BMRiA5encDD4kQjPwK5i54nkIT0ingZvkCm4TCSC4GcPIZpIC89fDy5Srpquu701-taRXRJ_86wBNUBIl5EusZKTQVr2J3L-ATL5DrfSyCLGITfTgqPX3wJ8tSpiK8aBBbtEgi_nPgNEyvzaMua2Ns3zr7XR7NOYqwSaJbpmqvI_DdM6PMXgLsITNl8zSJtwLR-ovAABg2GRGm8FrqSvavQK2X68HH88mwmT9ULBRwXRZdYoi_59bnhkfTY6kUzUj5rC4mwGQTyX4xoROC5rBRzw1hSnNfjKT-XIovzqJgLYE9C1fqXBhRsSPUQahYEJkQduWvPiORGDrI-wCZAwF3RBNqTgj-CIiJnMflnfFwJ97xGV-_NyM7XA0EIdPilr4kr_Fdjsy9jjByvz43ldXX5xUD_bdQZi6BlRcHjZ_RXsDK1acjEqEd3tlQlt4S8ZHrI368AIZZ0Rbj2e1JZ-lfW3vFM03isX5UAPH6l7658ONeiW9mDshn3yOgXtvMV4F-M-BuQk6zvn5apMAaayElC8jSPQxF-rIGVFhUdMG2PTV2-jvCADXvdior3Eg39dl1rmTQkV_q-QPa9eKdkQd6rQKyU4ibgxf8DPxPbvAubo2OBygq5Irytmdpg0w7tv9vGCllC1DwxZ-I5h-gX-NdS-xG7jKQRtcW2FLjbjelauRjNOJpeV8hTo4ZLvgEXH_WcxXCX36KjSAq2yKem4AK4FZa1H3-ruZ_WQmve3CnUEILVS1kIja6d9aHj8JRMo2qcyz2Tlb6JyPTRCW6MipMRnjNEuH-HL0MLKisXxjlGLEjtQoEvGlCSpeyZd7srayZar-leaKLSUAhA94lJbqyuWeWHWy07d9_mtQueRb1nJbbBj_syN84sDRGXCt5z1fuaBTSFoSNdeIGxHWHa0ffgxJLQ9cn4dtHDQlW_xJPLgPGPMrNnP2LK-YVzhTZX0qURacwz-Ut2skHxZKytwhpRlh9wMBPgU3t36Gl88eHL5q13wPuhERyyBtnN0vqtVnKF12zCYP2D941_dUUxdZOHuOMTYOW8inTMP2FGsF78-mMFfbGXGUfdRueWQ4P17TnbUbObeXzbfSb70D0Um0GDawMBbZrgXOrDQyE01jXISTHpfpKTZvsWtm9yeoOQ8cW7qGVmKw4XECFBlpGtJqEGCIfFu0Sgu-28R4F8PKnGViK9i-qU4EA47uQuEPPvk7ovIVn_9QUpbXy2r061XSEcQiEc1eQuyD2yAtZraRkrklSi5gF0FGCUZqFNxal8wslspyer0iyDhJrxxqIb5uWPtgkPfpuRG3PXP6dUarP9Nl9FByjRMWspg2BRXzCkt9v2QwkPEAznwUD7AIWCAlAx43sgQ1mw_jfFNUTOmSUytuAyPRpU1uBIBxCYIl2Bx_vckw4FoJMkr2SzrkqbLhEi6rSXgbcbvwuMtDVZXyUXuxFflJpvJOHnyXehBBFAmBhCuGjJQyFbCeX7F4T3DZntvPqcA8pzUHRYvM3y-LZg-3CWvk3hi25Hu9-K1XaxWl4ZNN6-RdmlqwV2dG8XDq15teg1cHvJrq4GDglmyRoevaeVFrvdf2eG0bzHBRzTKeRNaH9jd-FMPeiN-Vb9PRBB5kKRcw6CCMEMOYqur1KIUj1qOgDCc2ltLcUpzuNrrZVtIXte7S78n46UXg6MU0oI5VKEE_Hsv81xi-JJNauIWM3W87UMLX8fmcbbkOFgPLoIWIZUKntcxAVPa1jjdFuXU-BbYgQMhibtXpwABvMKU34NbnK5u30DGqY__HOfw3n5hPrjhnsxilMA3CrPHcS98tAUWhoU0IC-Waak8vAiO9mDg4zSHHhVWzPTR_E_3x4yCyVjI2LAu3XBWWnY0TCIjewYOYO4i6WJfvQBHRY469nKrEb1ia6_vTfhMyRcnGVDKN6A8m9SpRhmKj8ii82fDicTUfznRfaAAXjGhJsoR_CqMO9BU7GtKfksskTc6NLBpnUO-5A_VyahI-3WVsRzVBEzP5TAu0B01pHLr5dhfBcti_P4Z0EVo752OFGvPoxq0nmLgD2ZOoubLUrb9jqFOEv53fjVm0r7bY-Mfw2kE3wrXUtdUKfJgSB-tFnXR5XC5y9hpmUsv1a19jkv-er7FuCvmMOfsiHELo0cpMoDbwJlz0bnDKIasPSNo_p5R9dDpIpMU7-IFGvfozMyxet9X5GR-IUPRDFKSDsCEhhm6KrijFUXaa2xl4rgEFmgdfzzW29gqUeL1P6okEjDUom3TO9uITMJN0nwCvRqDRrD2UHQRTLvNxsPr-hcZgygo1lincklgbrTe5rN97W-b6-kaanqSudvvGGmcuhCpbDUMXBp_TTLoUtKjphkoGDz1ZXQWuj3Owv4QgTuUNbTCXH1SQ5QtH7RtES6qepnpF7zi7o-ad0Mo9QjSmxUZhW1fjQwMpmIAT2EnJNXgl5M-_j1cOkmI_jcRUgF1TD5QhZEKQ-TfDcWH6pFoQ4HpxnvJQWOWONQlltV55iRqwwUq69dnmHW0K0FmUaS3PYop_V6ZxDmn9VZyRKpSt0kLK6y_RBoW8PVTxZQlAGdOhsButuJl_nav3u8635uRsIy9ctXsgOWObnQfIvzNdl-8n3JzM7iYzGU_ka7jW66pl7yEzCUEh1ZOZDfth4d-Mh-zjv6jFvEoJ7sspbrUzyNd-5YqQjVjbIrBZsJCHXpn8N0m1lPJ-BM1rrzIg4lzq1KKEDf2vpcqKXw6R0Klg7tAqQn6btYaC_86Z1802gt749ZdSvOhVwADYs-4nl7QDtNDAqIPzexkaP6PqVdDTdh5kJax2ZetgxwUuhP9XP8RGPYrtzClnLzGKyxzB8bTPunlR-yHK5FRV4Fumr7jXFA--rMVb9tRsBZEw_SwmCdA2aTgR3s_WOSPrsamBRVfSiaU&cid=CAQSTgDICaaNgsA84zmgkHEziPo4uBQI9tkJdUIStBuqGThrnV7GAk0qN2jUFUyIPvINT9ptuWsMcIyoTuk9QCQdBLpB8M_MmWWjxnMi4sg3yhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwelovewolves.club%2F&ds=l&xdt=1&iif=1&cor=263009624836499260&adk=2935317966&idt=152&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 21:52:54 GMT
x-content-type-options: nosniff
server: cafe
age: 631
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 12 Dec 2023 21:52:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8643 31 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4858
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8643 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 16:25:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 16:25:15 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjMzMjIwNTY0NzY0OQogIHNlcnZlcl9pcDogMTQ2NTMxMzM3CiAgcHJvY2Vzc19pZDogNDg2OTgyNjk5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDMyNzY4MTcK...
ad.doubleclick.net/ddm/activity/ Frame 8643 0
826 B 83ms
49ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjMzMjIwNTY0NzY0OQogIHNlcnZlcl9pcDogMTQ2NTMxMzM3CiAgcHJvY2Vzc19pZDogNDg2OTgyNjk5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDMyNzY4MTcKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3phbGFuZG8uZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMgpldmVudF9pbXByZXNzaW9uX2lkOiAyNTEzNzE5MDgyOTc4MTUzODYxCmRlYnVnX2tleTogMTE1Mzk1NjIwMjEzNDU4NjUyODQKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTExIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzI3NjgxNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM1NzY5NjU5NwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTExMTc5OTc0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDMxNzc5NDM5MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ2NzA5NzU3MwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5mciIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8ucGwiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x2b4074a7511c05f50000000000000000","13":"0x48d222957979a5480000000000000000","14":"0x8d66c440e71b3dbc0000000000000000","15":"0x53f114e99e1e417b0000000000000000"},"debug_key":"11539562021345865284","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"2513719082978153861"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 8643 43 KB
18 KB 58ms
7ms Script
application/javascript 213.239.199.234
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.239.199.234 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213-239-199-234.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

p3p: CP="CAO PSA OUR"
date: Mon, 11 Dec 2023 22:03:25 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Tue, 12 Dec 2023 01:03:25 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8AEF 0
104 B 148ms
69ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENNauowxZAuytnWuvp7Aom0&google_cver=1&google_push=AXcoOmQQf7jRwP-wt874Q3IClXKYC7mL-BT0eocfk4VCJlYrO5gE-Y0kq-KQc5yk8TLlcM1OAeJQ1PSnIGKnh5D0VmbhoYB_JyrHJP5HJb1wHTHOYacIBb9B94fbM_1yPnETRY1e0IYVFOKJJ6VOpVJlwrgjbd4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8AEF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDkPaIxm7Yfti82GFXk8gpw&google_cver=1&google_push=AXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnX...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDkPaIxm7Yfti82GFXk8gpw&google_cver=1&google_push=AXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6oun...

43 B
428 B

175ms
174ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDkPaIxm7Yfti82GFXk8gpw&google_cver=1&google_push=AXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8341047facbc18c1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1367
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDkPaIxm7Yfti82GFXk8gpw&google_cver=1&google_push=AXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTDBSIo6EXScVxe6feFsPlNw8O9qgocX_-0CdL2KBG6d_u62XBsv4YGo2wvT3kHm-XxprTX1O5KKXfBpn4OkccqwYI6ounnXfQpT28bagP3tw-oBEDaP12nwe9libPW0Wz_bM-jOqXev6p9yWpWhS2U9Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8341047e8bad18c1-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AEF
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGcTmbienpuJpNJgEjwYcf4&google_cver=1&google_push=AXcoOmTmA5iKWaJ1LOaBhly1y0dS4RfewwuxjdCz_cRcO3e90Btjzgpn7bR3ciZKfC8yTIR3xUuWhkTPOOrI01uIDzMHcaPIXqgxrp...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmTmA5iKWaJ1LOaBhly1y0dS4RfewwuxjdCz_cRcO3e90Btjzgpn7bR3ciZKfC8yTIR3xUuWhkTPOOrI01u...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmTmA5iKWaJ1LOaBhly1y0dS4RfewwuxjdCz_cRcO3e90Btjzgpn7bR3ciZKfC8yTIR3xUuWhkTPOOrI01uIDzMHcaPIXqgxrpY8Kfex9bazJ-ifPILiVSCsRRfbFu3Plh5Np9_ei_AerkqTuqwwVQg8_w

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 22:03:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmTmA5iKWaJ1LOaBhly1y0dS4RfewwuxjdCz_cRcO3e90Btjzgpn7bR3ciZKfC8yTIR3xUuWhkTPOOrI01uIDzMHcaPIXqgxrpY8Kfex9bazJ-ifPILiVSCsRRfbFu3Plh5Np9_ei_AerkqTuqwwVQg8_w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 10 Dec 2023 22:03:25 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8AEF 70 B
149 B 109ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOwox_13l7uRkWhrSzXOqHU&google_cver=1&google_push=AXcoOmRvoxToo6aUvUm620KVl21gWKm5DySh8zXtbFHk2T6GKoXpixRwUyS1Ug_GZbSADeDQlMsLgYKaQ3N_i_7aLgGGUwoAQL1q-6P6HyV_VWSzcU_8q3vY6JM7dapTokBF8aT5fWTwHHM7Hz8iEe7vEQEdjco
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8AEF 0
187 B 70ms
14ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEI8TTTKA7ERbxL3tW3cIrLI&google_cver=1&google_push=AXcoOmQCIhPftizgDPGxvlnXrgPQSd8yjTSELtnUhpDv6bMIg6rFXiScMz0WLfodf1dvPsg4483l5P-N1gv-_qZ7o8dF3mvMdKyP8jw7VK2PSVKGwUQjRwbHgPKAnl3JNMMckqhVQ3X9AozZKLqqKj0lIE0kkNE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 8AEF 43 B
146 B 167ms
7ms Image
image/gif 35.157.253.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFnM0RzdH-knY9n_9k-urrY&google_cver=1&google_push=AXcoOmTRWTfTAfA4jqypr7y7Ep5PaHABl6jzpOqu-7gNUGXSTlqK5sUCB0WkFb3NqUBN1wmBVOnX9oaDricRs08TgJvFAjzyKRcYquEKiPFHOoQ4lpnI4FRTV-xdUphpkl-Xq6275kXGqhqaV5TQi78CdLpe_dI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.253.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-253-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8AEF 43 B
363 B 54ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSTANcjlFR27itJ45eL_YSuuYYazrnf8inD8oKC1UYUayW-FwRTDuEt04pxtPWQXbaEs1d9W75LeVrRDm5YVAWS11q6Y2g4G7rf6tIw777rpffwIQEHfkHDEOno0AjKfruA_pvnBYQsnfX9E0FZ0WwBovU&google_gid=CAESEG_xI5rlHpDOQ1Q_AOyhm1w&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:24 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 190077
expires: Mon, 11 Dec 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8AEF 0
12 B 14ms
14ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWqCYBugQ74q6BBePqziDEX2LEpqAnqh9BjszjKjveg-dpcbtcB1IbhXLOe2fQvIGdZ6Jz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 85CD 0
19 B 54ms
53ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkI6jLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTfAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3p8gFap7KHB23ASKvU-Zomrlc5DhaO-49tClGT4P-VOj4iln4enqqABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTg3MDc3NTUyNjIxNTEyNhgA&sigh=CG6AsLmHo50&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_1rBKNCzwQdcvGl-dZFrmASmKrIWrhuDWvQzxwaPhyuTHzoSmttrshhI_Ls6f8oQ3h83W8D0D1xgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
User-Agent: FreshStoreAva/1.0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 85CD 0
103 B 47ms
18ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jj3g6xazywjrxv7bkb6d080fa708pc7brspn6bhpdzsnn37073zg0cec7ktjv3g869d5at5xxxgbdtswjcsnyxzhek6c0cwqw5zd6901w9896xr0p2p182j5c18b0xdxtx87zt82e3s6zy1v8gcjq8av368sawzwgq3q10atfzk11dqbxbkkbp5562cg5deygwemvqv6yvkck6tcnfdeacw8emn9da9rsrrrdwwzs7fsb7jjct6qx5s9bppezmg7gnkeqzgfbhpq8y6y0nzvqc6agd7a6axeq6mvgy6mfsaqxkahvq8sygny8nqezyt6fmmx7str5jkxq2tnvpppabjh6qe3kss2pvgdhjr4zv6b7e9e5vjgsrvppesb9qe0znbe9npt8&b=ZXeHLQAFIMwK7IQXAAD9nqTVpPTZCs9n2iwi-w&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=2501308132&pi=t.aa~a.3093830012~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=1&bdt=1472&idt=1&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280%2C387x280&nras=4&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=606&ady=1365&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

access-control-allow-origin: *
date: Mon, 11 Dec 2023 22:03:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6BEE 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 12:30:32 GMT
expires: Tue, 10 Dec 2024 12:30:32 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 7925 115 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jtsk8pb6qmn8x6mx9j7ds5t3zyjgdapmnqaypwzg84whdp29qk1rdvmfxvyjg9wbdve3n1jbcwptk5wpqk66rceh254pnja8jdgdvsnyvnasttpxy8r9r0fmqh28jfecsxwtg5vwdcr4x34gd54dkd7zn8zt1zgbess0kyx8s48bh2m6rkvgd2smdnvd7sv97g8a4a8tj82dq7rdqh9rcxbawmkyteyfztfhzr6bbrcdema8k21tpvfajxkf9z94xb0m9wepv69a5h2vw97tjrazcqc4fsgghshdwnz75y4sbdsnkphzaz7j5trfpm7fcw1pcayhznnh7c1xvvemma6nmazfbcxj5b2qv6gqk876zf5h05f7yaxmn8g3ervhm7xn13k497y4qypf5099zwnppg093ex08ycrevtzzgsqz5534&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%26client%3Dca-pub-1870775526215126%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jtsk8pb6qmn8x6mx9j7ds5t3zyjgdapmnqaypwzg84whdp29qk1rdvmfxvyjg9wbdve3n1jbcwptk5wpqk66rceh254pnja8jdgdvsnyvnasttpxy8r9r0fmqh28jfecsxwtg5vwdcr4x34gd54dkd7zn8zt1zgbess0kyx8s48bh2m6rkvgd2smdnvd7sv97g8a4a8tj82dq7rdqh9rcxbawmkyteyfztfhzr6bbrcdema8k21tpvfajxkf9z94xb0m9wepv69a5h2vw97tjrazcqc4fsgghshdwnz75y4sbdsnkphzaz7j5trfpm7fcw1pcayhznnh7c1xvvemma6nmazfbcxj5b2qv6gqk876zf5h05f7yaxmn8g3ervhm7xn13k497y4qypf5099zwnppg093ex08ycrevtzzgsqz5534&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%26client%3Dca-pub-1870775526215126%26adurl%3D
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2473322
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BDdl%2Bpkb%2FcVRBEuRWaW9P2ffdCE1k9qpx85WkV19Rz8a2b9Sco%2BO4Hpjt1LFDAwdhanCrUMRV8bXNopIXvanQGfNqVN4MewAw%2FuktG3OPNwQv8AhKG7Qxl3kRhzGkpq71XVTPz2OCY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8341047ea84f3835-FRA
expires: Tue, 12 Dec 2023 22:03:25 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7925 24 KB
10 KB 33ms
17ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jtsk8pb6qmn8x6mx9j7ds5t3zyjgdapmnqaypwzg84whdp29qk1rdvmfxvyjg9wbdve3n1jbcwptk5wpqk66rceh254pnja8jdgdvsnyvnasttpxy8r9r0fmqh28jfecsxwtg5vwdcr4x34gd54dkd7zn8zt1zgbess0kyx8s48bh2m6rkvgd2smdnvd7sv97g8a4a8tj82dq7rdqh9rcxbawmkyteyfztfhzr6bbrcdema8k21tpvfajxkf9z94xb0m9wepv69a5h2vw97tjrazcqc4fsgghshdwnz75y4sbdsnkphzaz7j5trfpm7fcw1pcayhznnh7c1xvvemma6nmazfbcxj5b2qv6gqk876zf5h05f7yaxmn8g3ervhm7xn13k497y4qypf5099zwnppg093ex08ycrevtzzgsqz5534&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%26client%3Dca-pub-1870775526215126%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 478117
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY0PTjbpKazXUorn1oO%2F3SwZHjNwFM2VUEmzsE2O%2FzrJIBRV7dyxZ%2F1ecaKCbE%2B9X4hDYtfqeTsbJD%2F6ydfcJwl4wPaL4%2B7d7SU%2FQNxmI4sYXnF33FzuUDfu9RhmaTrNUxO%2FvsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8341047ec86e3835-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Dec 2023 09:14:48 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 2494 94 KB
32 KB 93ms
9ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/6768) /
Resource Hash: a2592b93b5f78c6fea9afe7755e9c68ce5a4497f7f6f508339bb4f78a0bced38

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
content-md5: 0IifNkWfS/H6/qNjoR1Zaw==
age: 287813
x-cache: HIT
content-length: 32182
x-ms-lease-status: unlocked
last-modified: Fri, 08 Dec 2023 14:00:00 GMT
server: ECAcc (frb/6768)
etag: 0x8DBF7F5F8117829
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 05452503-401e-005b-17df-29c6fe000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 2494 80 KB
27 KB 89ms
25ms Script
application/x-javascript 2.19.244.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.244.218 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

Date: Mon, 11 Dec 2023 22:03:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Tue, 10 Dec 2024 22:03:25 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2494 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 01:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 01:56:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2494 30 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 20:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11807
x-xss-protection: 0
server: cafe
etag: 2895842962934950836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:49:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2494 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdF4K87lUcopv82MV0t_IIhCImjET7r-UXJwn_t2G5WAsdfv3kh3PTCq97T_bqGioXc4ixtVc5adfgz6rzHMTRbEGStw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2494 202 KB
64 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Dec 2023 22:03:25 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BEE 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 8643 20 KB
7 KB 55ms
7ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:13 GMT
server: ECS (frb/6727)
age: 33
etag: "64e381d9-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Mon, 11 Dec 2023 22:13:25 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame 11D2 2 KB
1 KB 51ms
6ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Fgoogleads.g.doubleclick.net
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668D) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 228
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Mon, 11 Dec 2023 22:03:25 GMT
etag: "64e38310-744+gzip"
expires: Mon, 11 Dec 2023 22:13:25 GMT
last-modified: Mon, 21 Aug 2023 15:30:24 GMT
server: ECS (frb/668D)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7925 350 B
909 B 79ms
38ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 923441
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIA6foOgdjVHXUDh%2FU7B9NwYn6t4Dg06o3niXMq%2FrBQbvZlOiasDv00y86g0u0Dj2ygrpSF8Hrer5Th7%2B8EbW5vSZdOOk49%2FIqqGxg03Lz6zcKK14FvEyn7xHVIodqAzvsYkti5KhItoxzGSgq7ANUKZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8341047f38cb5d3c-FRA
expires: Sat, 30 Nov 2024 05:32:44 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame FC5B 2 KB
2 KB 19ms
19ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 1147518
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8341047efba935f8-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 11 Dec 2023 22:03:25 GMT
expires: Tue, 28 Nov 2023 16:18:07 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGXlKz9WmeuuIujcvDP1LwcqXVAEazVjV0hSFS8AnYN5hkjPT3dPfOb%2BUJdP2UhpvzcTCxD7oVAvt%2BLcguOg5Ajx5MqpjTK5T203xgXLATPf4xua8Sd4YWWRhh7q7BL9TOYBetk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 tag236615 Show response
ads.revjet.com/ Frame 8643 245 KB
40 KB 24ms
24ms Script
text/javascript 213.239.199.234
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236615?_plc_id=111756833&_key=a27&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRVwwLId3Zc2OGs-z5LcPttypIM7akrx04cKhmuMRwI23ARABIIGUsQVglfrwgYwHoAG5rJCLKcgBCakCByfYTUQHsj6oAwHIA5sEqgT5AU_QXQMVBCIhmEYwPD9G1U_VufIrZ4zEWUo5xMBWcx2hc5_uwgCKjqpBI4gP_4h_lP5RQ5GYtQDtxSrlUNn5aDhEIBh0GWEd3jd9VxCJh56EkqrpkPWHH25vBBaYJ1Y-vWwjVEV_Gu_sCcJFULR9Xjkh20OntBgpKgBoA6gc-A4B0DGkBsvM2ZtGvNPk5DwqyvtkDS35-YF7aPrGFjBPmvhRkY52Gz7xg9p_YetWMpjimkWwjWhIy2mi3x58dToWKdWbu5I6GrSrCoIl261wzw-VSKtMAYw3dFOJ-2jUamffJWf4DIyZ8W6aCCVzhl5uUdFFxn5VWl83pMAEjYWb1rAE4AQDiAXX4KPYS5AGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljGktLSsYiDA4AKAZgLAcgLAYAMAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7ECqg0CREWwE6Dn7BXYEw2IFAXYFAHQFQH4FgGAFwE%26num%3D1%26cid%3DCAQSTgDICaaNgsA84zmgkHEziPo4uBQI9tkJdUIStBuqGThrnV7GAk0qN2jUFUyIPvINT9ptuWsMcIyoTuk9QCQdBLpB8M_MmWWjxnMi4sg3yhgB%26sig%3DAOD64_1UBM-f904SdGYMfPcsA8K34bWqhw%26client%3Dca-pub-1870775526215126%26dbm_c%3DAKAmf-A6Kpnu3rnpqeyI_A77wDNNN_qFVmnkfLHpqWPcj4lgqnAODAB2NtdfHe3FPw2ybGx2dvTwRVeKJux7bf9-i2IIUSQvhwTIMoldZw1t_GlKFpKQuGjC230AC7NRMaywI9BMBJrEXuQHxixX2ZNr5jqzAUJnod6cxkQGOewsMhs403CMs4o%26cry%3D1%26dbm_d%3DAKAmf-CIF6b7QQrYM82deeU5E85ftX_9rGbfyBdb7ZGXlKepQ8GioxiuctBOyP0B0YzTsApCXr4OXPzIuoUjmQ6BjhWMJQPRbI5hwNWvO3JPA7zFkxo2KNv-UBmXrFDnG658sWCyN8ZW945xoiXwclggWk8WsrWb_qYDDZ1cEaod6F1KjYh83cKj3Lmn0s0pZBQqkzAeYiY3TiWW-VqfNbRfAb75S2J269Tg__4AclcgrYT7pTHtpSjH6rIH6xQMQ0Zcar3d0nkChy5keKo64TlZF3rMYUaD8X0jCeldiR-CkhmlyMTDqYY8ZCQ1SEF8Yg1z53LPmCTuhdN-4B0Pw87XkmuoHV2OchwIEmGxTWB3peOrkj3sBEdoZYaTEkNFwBrJnvorJMO9J_2d8KupTihxRLRXU_3u-LyHaZkZUvHnWQANptBET84EAVDE7r2cJYMrs_56VNWmQjWUxcLwvhHSOzZ9k-UTWKEMyNm-pwV2Md7rzCVN-O90A8Ge0MMh6j_QkMT5OomIoUX9bAGWTGohIxYJCEuJmvT0rNEK9xPJM1DUapaT6ZLikesBt355kR5uRZgF6vzv%26adurl%3D&dv360_cmp_id=20317794391&dv360_li_id=1013245245&dv360_crv_id=467097573&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-1870775526215126%26fa%3D1%26ifi%3D8%26uci%3Da!8%26btvi%3D4&_js_site_ref=https%3A%2F%2Fwelovewolves.club%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=87785e4f8509bab6347d_1702332205948&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fwelovewolves.club&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1702332205953
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 213.239.199.234 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213-239-199-234.clients.your-server.de
Software: nginx /
Resource Hash: ba13b618463e362fb4ae8739f0c2e1897b93fb491872aaaaf3528e6fb2d52b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56021
expires: Sat, 01 Jan 2000 12:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 39ms
30ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: FreshStoreAva/1.0

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8341047f4ec59156-FRA
content-length: 24
content-type: text/plain
date: Mon, 11 Dec 2023 22:03:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7D5XTbZMWxsSyhC5GFCmRMLjtXXQLNyY0%2FmBTE%2BileMnkXXE5OkN5YPixyGC%2BCWtJ0AIEWI0tXb2h01oY2h9GSFZHb0NmUmQelBELDFNZ2hqfH%2BJQJEYPBcO4eda4y73TJiAKY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0rkl

POST
H3 200 rs Show response
ad4m.at/ Frame 7925 2 KB
2 KB 33ms
33ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45405dbece10ad1479f7862b51c195cce298d4ccd440d71b2838027f824bd218

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0
Content-Type: application/json

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HBr9GAOzuo%2FUmTgBPDL9uRkOGyiiv1MbYnW2889521eJiVqhDQGv6T0SsF11rsqlR%2F%2FCe4UDyOr%2F43RpE0Bx4s%2BKfade75zDMDAx4%2FVo5J256g%2BsVT33E8KUyTdqbXOkl4s9%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8341047f7eea9156-FRA
x-backend-server: aa-reachservice-group-europe-west1-0rkl
alt-svc: h3=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BEE 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bc5RiLYd3ZeHDJ4nI7_UPq4ib6AEAAAAAOAHgBAI&bg=!VFelVxjNAAY3kmNgF5I7ADQBe5WfOLVXWzqr0jJy422wcOw5GKY_cPrE4QEo9iXDKXefs860qDpozNmzZ8EV1zi8vbrnAgAAAC9SAAAAAWgBBwoAe7jk4GgccRuduDwRJeZv3iLCruqfeI4Z8kZku0C6kSBPlKs0NI4z327X3E_z0XArl-4t1kKsUKZe_jv9rJJLGEQwQAxJSG5RmbiTRAbV5B29T3dY0LDOpO5fU8hFyLuj7hYtqn3jbejP5lc1fNHSUqlsvP17Vi-wOZwe3ZkC_epGE1irgOXdtaDa4-IzkBq1J8ZS5Y3kTnA_qiimuUQec85x2fmctZB4aPy42okHt4QvsCxJ0aBc2_rtB7KA5qF2_tkDJBYkftn-rEMPIfl56vReUy2QsV4iVFQ3KRiI3tZVMNw6JtFoBHr8RGNHpeteaDFbbto9wZATSXa8-olA7AgQ9CiKcRX1ftHHA7Rg5Q4MNEfXYL9VF3Pc1jWpfmL3RpT0c35CKuwJ7rjCpgc9NTKH-xAVKa1FHOGWQuUd1O2605qaRk9ZR1U11R1v7GkYhNzYcVfDOQjqSijCBz2typzFVfBeToIE8vyxLbFJfMaJKRTipMvly--T1pCaDU0BEUjzjXhLbUgVVYGDPhpa7HUVjR5607Oll-5YZPBrjpc-M1feNcZKRKJQXFZ5D4WwKooVqNZ_GPS6y5vFdjTgm1SwH1xPxE9mpLWljCmPKZ-kVvMcncM6cSEU5NYPCmAKtqb5DG0DpI0NAoSs5lhOmQUyjJbQxgGrw0TH8k-pl4JGmiJOJZGO-KfMVA41LohEiAtO-jaXEYyYu5MqKan7DRXzqd_nwe_urkBMsd6-E5sPuMtZSQreVnWiDIQ9kplevJ7QexeEGOPhrORBWCYRRrU7F_uVmiaeVyeXvTpk3ER5v-JivX8oOCa1J1XVnM1XSddaZiUHHrVefwtNI-SHQLzLb6iDaaJUsCm0L2thnnPqoM9C7xYEL4BoUinIzjQNWsxnmi10r6jswMnk4kf01LRTnBy0jTV6G6mlWnD2FuvI1upjpVjHjUU6a3-4bh4cN6pLCttN-Gj2e7138khg2wJ_kRTDRoP2OjXFdMDO7oTadXFIt29GLg4t7do2SW-AlUzmMbG7McpC5y8vL0GgEZpH5vQ7htLqSVy2qtN-RSO_PvVWTLVarPySgmOS3j2sd-voGprgwuz2AQjwvNcf9ZQIk6b-LDYRdDGRycblyPax2a93tkikut7mnpQGQB66qz9iUxZifiamh0wJOAqiwAKYHvEu-Qqryz65Ew

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 2494
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=762b3ac5-e219-4869-9045-5dac0d1fd7da&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=13132c1a-06e0-45c3-82d...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(24-0)?&RG=48874735429f45ca919e37b6d0aa6510&SNR=1&GV=2&med=10

0
545 B

40ms
40ms

Image
text/plain

2a02:26f0:3500:1b::1724:a393
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(24-0)?&RG=48874735429f45ca919e37b6d0aa6510&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a393 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 06F49AE9BF034915B18178AC85C981A9 Ref B: FRA31EDGE0712 Ref C: 2023-12-11T22:03:26Z
x-cdn-traceid: 0.93a12417.1702332206.acb3299
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 11 Dec 2023 22:03:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53B25EE988DA4A818203B90D823A11A2 Ref B: FRAEDGE1216 Ref C: 2023-12-11T22:03:26Z
x-cdn-traceid: 0.93a12417.1702332206.acb3210
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0(24-0)?&RG=48874735429f45ca919e37b6d0aa6510&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 156
expires: 0

GET
H2 200 th
www.bing.com/ Frame 2494 11 KB
11 KB 53ms
17ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a393
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7902803125318_1U0AX0BNXORF7D8UIE&pid=21.2&c=16&roil=0&roit=0.0355&roir=1&roib=0.9663&w=336&h=176&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a393 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 52d31d5bd42c6229d751ffc9e98da72a7f74f8793eb16a9ff5cbc02aa6b13477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.93a12417.1702332206.acb320f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 11170
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 2494 0
528 B 51ms
13ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwelovewolves.club&e=wqT_3QLrA-jrAQAAAwDWAAUBCK2O3qsGEPjTzajmhtmsDBgAKjYJD_wGt5D3nD8Ry9-Na7E8nD8ZAAAAYGZm8j8hyw0SBCkPDSTQMQAAAOBRuK4_MNv4pgM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeKT0BYABAYoBA1VTRJIFBvCfmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhlodHRwczovL3dlbG92ZXdvbHZlcy5jbHVigAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEugHBWIgFAZgFAKAFw4-bmqbagtpPwAUAyQUABQEU8D_SBQkJBQt0AAAA2AUB4AUB8AUI-gUECAAQAJAGAJgGALgGAMEGAR80AADwP9AGwo0E2gYWChAJEhkBAYlg4AYB8gYCCACABwGIBwCgBwHIB6T0BdIHDRVjASYI2gcGAV6kGADgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=a33aed7b32ae7f517f79ea8bd2d2a02f82d5be99&bdref=https%3A%2F%2Fwelovewolves.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwelovewolves.club%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1870775526215126%26output%3Dhtml%26h%3D280%26adk%3D4110419616%26adf%3D1910187367%26pi%3Dt.aa~a.2047551317~rp.4%26w%3D387%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1702332205%26rafmt%3D1%26to%3Dqs%26pwprc%3D2144566648%26format%3D387x280%26url%3Dhttps%253A%252F%252Fwelovewolves.club%252F%253Fbypass-cdn%253D1%26ea%3D0%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702332205231%26bpp%3D3%26bdt%3D1473%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dbadde255f2211f2c%253AT%253D1702332204%253ART%253D1702332204%253AS%253DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ%26gpic%3DUID%253D00000ce529b08e6d%253AT%253D1702332204%253ART%253D1702332204%253AS%253DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D5599824519156%26frm%3D20%26pv%3D1%26ga_vid%3D1719194481.1702332204%26ga_sid%3D1702332204%26ga_hid%3D1698558509%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1034%26ady%3D520%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079758%252C31079921%252C31079980%252C95320884%26oid%3D2%26pvsid%3D1761861794546958%26tmod%3D647427898%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D4,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1870775526215126%26output%3Dhtml%26h%3D280%26adk%3D4110419616%26adf%3D1910187367%26pi%3Dt.aa~a.2047551317~rp.4%26w%3D387%26fwrn%3D1%26fwrnh%3D100%26lmt%3D1702332205%26rafmt%3D1%26to%3Dqs%26pwprc%3D2144566648%26format%3D387x280%26url%3Dhttps%253A%252F%252Fwelovewolves.club%252F%253Fbypass-cdn%253D1%26ea%3D0%26host%3Dca-host-pub-2644536267352236%26fwr%3D0%26fwrattr%3Dfalse%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702332205231%26bpp%3D3%26bdt%3D1473%26idt%3D-M%26shv%3Dr20231207%26mjsv%3Dm202312050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dbadde255f2211f2c%253AT%253D1702332204%253ART%253D1702332204%253AS%253DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ%26gpic%3DUID%253D00000ce529b08e6d%253AT%253D1702332204%253ART%253D1702332204%253AS%253DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D5599824519156%26frm%3D20%26pv%3D1%26ga_vid%3D1719194481.1702332204%26ga_sid%3D1702332204%26ga_hid%3D1698558509%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1034%26ady%3D520%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079758%252C31079921%252C31079980%252C95320884%26oid%3D2%26pvsid%3D1761861794546958%26tmod%3D647427898%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D4&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
an-x-request-uuid: 7bf64efe-b206-4726-a853-8453ff463be0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 elements-2.10.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 16BF 167 KB
49 KB 53ms
34ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.10.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 14:15:13 GMT
server: ECS (frb/67C1)
age: 372
etag: "64ecabf1-29d9b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50474
expires: Mon, 11 Dec 2023 22:13:26 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame 16BF 43 B
170 B 101ms
29ms Image
image/gif 95.217.106.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=ec073e09e1fa210ac5217d1ef1c80044&__adt=8240604252559503735&__ade=1&vid=5104451964329528197
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.106.24 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.106.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 lifestyle_optimized.jpg
cdn.revjet.com/s3/csp/1671558630301/ Frame 16BF 33 KB
33 KB 8ms
8ms Image
image/jpeg 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1671558630301/lifestyle_optimized.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
x-amz-version-id: GWmWzsiL4gZfS8p3bOBsR38yaINgc04d
age: 1878
x-amz-request-id: JB4R8C1WRA1393S7
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 33574
x-amz-id-2: JRqUgTdHarNyBkRMq6lJz5JEFNSJBMzyMouvsIHjzNEX9C5IxNqxIVm5C4Xzik1cVy4tySn9xm0=
last-modified: Tue, 20 Dec 2022 17:50:32 GMT
server: ECS (frb/6712)
etag: "432e30fdf56b7e1babca672b7e5398e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame 16BF 56 KB
15 KB 9ms
9ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (frb/668C)
age: 268
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Mon, 11 Dec 2023 22:13:26 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame 16BF 3 KB
2 KB 11ms
10ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 83306
x-amz-request-id: 9D4418591NP9JNSA
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: 5jBICVXVkF537wQcLuRewXIAsPL6Z1f5osqXAnwOt1Ohlh01UHuCiJ2UjV/fyRVb/6sunqoEr/Q=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/673A)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame 16BF 632 B
625 B 11ms
11ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674B) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 1882
x-amz-request-id: 0R1ZG2H2SWRXPTXZ
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: AP9X9wwi4K94Cirj4OKeQCMWHR0zbCkRxmCdwnQ0nTdRxn0LfLyzy7Tfikh9QImeuRcutQXeaOU=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (frb/674B)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame 16BF 7 KB
4 KB 12ms
12ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 85947
x-amz-request-id: D8F4QHV4D3HXX7XA
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: kaesOnNZnJS6pObR+43DtTJs/YKmsZ3iXpPGXJlrD557SLIhVhfCLThvnVd3S3YpwDxOfPo4YtU=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (frb/67A8)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H2 200 B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702332205970
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame 16BF 42 B
118 B 29ms
29ms Image
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29257362.357505518;dc_trk_aid=548396843;dc_trk_cid=185777229;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1702332205970

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame 16BF 470 KB
470 KB 15ms
10ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 85947
x-amz-request-id: D8F1K4VYECABAP1P
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: SCHTCb1WzKo26UQ5rC+np/mf0ssSyjwEMTTetFYItgnRjO6OOnJvvL1ApD07YqZuoRKa4akSxVo=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (frb/6727)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame 16BF 33 KB
33 KB 29ms
29ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (frb/6772)
age: 379
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Mon, 11 Dec 2023 22:13:26 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame 16BF 13 KB
13 KB 29ms
29ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 15111
x-amz-request-id: F8A7K7SJCRC9WHRE
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: 220jlJjHRK2BWCmBcjm49AD2FoW8tXyIdEmQ1jzkfmJTIuDjmBjqdNWXgyX1dh2v/pZCaRNTC/g=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (frb/6795)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame 16BF 286 B
455 B 7ms
7ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 1881
x-amz-request-id: CFT485JFYNGA8C70
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: hpOUSd86INoSr/UMqPk/Pci7i1B8hD00ERs8uC0R2jvW38vfcAsT2ARuCJT8Pd4HTTDdeWXGBW0=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (frb/674C)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F509 9 KB
4 KB 31ms
31ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa321029f9d5ba45d5a1b9d153e47006c0f28000a8c42109d88f412bbba0f05

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jtsk8pb6qmn8x6mx9j7ds5t3zyjgdapmnqaypwzg84whdp29qk1rdvmfxvyjg9wbdve3n1jbcwptk5wpqk66rceh254pnja8jdgdvsnyvnasttpxy8r9r0fmqh28jfecsxwtg5vwdcr4x34gd54dkd7zn8zt1zgbess0kyx8s48bh2m6rkvgd2smdnvd7sv97g8a4a8tj82dq7rdqh9rcxbawmkyteyfztfhzr6bbrcdema8k21tpvfajxkf9z94xb0m9wepv69a5h2vw97tjrazcqc4fsgghshdwnz75y4sbdsnkphzaz7j5trfpm7fcw1pcayhznnh7c1xvvemma6nmazfbcxj5b2qv6gqk876zf5h05f7yaxmn8g3ervhm7xn13k497y4qypf5099zwnppg093ex08ycrevtzzgsqz5534&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%26client%3Dca-pub-1870775526215126%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8341047fbc4435f8-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 22:03:26 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B5ED 1 KB
645 B 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: FreshStoreAva/1.0
accept-language: de-DE,de;q=0.9

Response headers

age: 5012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 12 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 2494 0
551 B 117ms
116ms Ping
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwelovewolves.club&e=wqT_3QKfB-ifAwAAAwDWAAUBCK2O3qsGEPjTzajmhtmsDBgAKjYJD_wGt5D3nD8Ry9-Na7E8nD8ZAAAAYGZm8j8hyw0SBCkPDSTQMQAAAOBRuK4_MNv4pgM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeKT0BYABAYoBA1VTRJIFBvBhmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhlodHRwczovL3dlbG92ZXdvbHZlcy5jbHVigAMAiAMBkAMAmAMJoAMBqgOwAwrLAmh0dHAFL_CGd3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTMxMzJjMWEtMDZlMC00NWMzLTgyZGItMDc1NDViOWExNDJjJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5BVgYcHVibGlzaAUpLDE2MjY0NTMzMCZySZptALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHhfcDJmX2NwX2kxJmFpZD0ke0FVQ1RJT05fSUR9JndwHRHwUlBSSUNFfRIFMTIwODUaEjg4OTg1MjU4NjE2OTE2NjMyOCIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpPREE0T0RNd01USXdPVE15TmpBERTwUnhPVEEzTkRBd01EQT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QXJYiAUBmAUAoAXDj5uaptqC2k_ABQDJBQAFARTwP9IFCQkFCzgAAADYBQHgBQHwBQj6BQQBWiiQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAQGJYOAGAfIGAggAgAcBiAcAoAcByAek9AXSBw0VYwEmCNoHBgFesBgA4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=af29d50658a2f8783729c1a683235ca18fb2bbc3&type=nv&nvt=5&jm=1003&px=26&py=0&bw=336&bh=176&sid=5784367971359917200&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=unknown&pl=unknown&x=v&tag_id=6929499&sw=1600&sh=1200&pw=387&ph=280&ww=387&wh=280&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
an-x-request-uuid: 65f12999-58c9-4d6e-8069-931d8c7066be
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2494 0
19 B 50ms
49ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cw6mzLYd3ZZ6MFKqF5LcPhv-y2A_S4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqAMByAMCqgTZAU_Qai4THy4_bLtOIXZEIKKPe2BuwjKFBmAGovm9HDJpc_yhVEhASJfcMrMONOomFvP4YTsMcFHMVGQW7gWpAguSjbVmzgEOXwMXySX0fUa_R2yS3eCpFIpMR2LtXuVBA8rMSqPvqF6MZJP1b60nRe-MO_tvtOV7BAGIt_kNtn0lNiE0lOKzJViBfj07BeCw-SjbEYe2Ue_Y5UIBePo0aUUzbBdxEihQtrzarQ6MI4tOrjNWyvwdS8qZF3WKMttUVTpULauTtme3391t_zy1JocFJsJ1eDpreL-ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYrp-J07GIgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTg3MDc3NTUyNjIxNTEyNhgA&sigh=pzkTe4MSHT8&uach_m=%5BUACH%5D&cid=CAQSPADICaaNfd5V0NRH3szvIzHIDu-K9VhOyg1iag3jOcmBXmBjbnT5QLfEfBE4pmnXNKHKqFrbi7DQVlcqYRgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
User-Agent: FreshStoreAva/1.0

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Dec 2023 22:03:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 2494 0
527 B 22ms
22ms Image
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwelovewolves.club&e=wqT_3QKfB-ifAwAAAwDWAAUBCK2O3qsGEPjTzajmhtmsDBgAKjYJD_wGt5D3nD8Ry9-Na7E8nD8ZAAAAYGZm8j8hyw0SBCkPDSTQMQAAAOBRuK4_MNv4pgM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeKT0BYABAYoBA1VTRJIFBvBhmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhlodHRwczovL3dlbG92ZXdvbHZlcy5jbHVigAMAiAMBkAMAmAMJoAMBqgOwAwrLAmh0dHAFL_CGd3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTMxMzJjMWEtMDZlMC00NWMzLTgyZGItMDc1NDViOWExNDJjJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5BVgYcHVibGlzaAUpLDE2MjY0NTMzMCZySZptALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHhfcDJmX2NwX2kxJmFpZD0ke0FVQ1RJT05fSUR9JndwHRHwUlBSSUNFfRIFMTIwODUaEjg4OTg1MjU4NjE2OTE2NjMyOCIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpPREE0T0RNd01USXdPVE15TmpBERTwUnhPVEEzTkRBd01EQT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QXJYiAUBmAUAoAXDj5uaptqC2k_ABQDJBQAFARTwP9IFCQkFCzgAAADYBQHgBQHwBQj6BQQBWiiQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAQGJYOAGAfIGAggAgAcBiAcAoAcByAek9AXSBw0VYwEmCNoHBgFesBgA4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=af29d50658a2f8783729c1a683235ca18fb2bbc3&pp=ZXeHLQAFBh4A-QKqAAy_hjlG9DFn0tgWSw98Ng&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1DVbLYd3ZZ6MFKqF5LcPhv-y2A_S4Nfgbo-ktpOTCsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi0xODcwNzc1NTI2MjE1MTI2yAEJqAMByAMCqgTcAU_Qai4THy4_bLtOIXZEIKKPe2BuwjKFBmAGovm9HDJpc_yhVEhASJfcMrMONOomFvP4YTsMcFHMVGQW7gWpAguSjbVmzgEOXwMXySX0fUa_R2yS3eCpFIpMR2LtXuVBA8rMSqPvqF6MZJP1b60nRe-MO_tvtOV7BAGIt_kNtn0lNiE0lOKzJViBfj07BeCw-SjbEYe2Ue_Y5UIBePo0aUUzbBdxEihQtrzarQ6MI4tOrjNWiP482Qg97RgeyK_hy2PQm6-wvOO-8cW0XbrsojuFDO5tuLuJFSvWi4WABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYrp-J07GIgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lsqXUJ2ROOheWLzCPGew1Is2vzQ%26client%3Dca-pub-1870775526215126%26adurl%3D&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
an-x-request-uuid: 15f8c929-11ed-47ef-b5bc-d0f21643d779
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F509 115 KB
14 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137824
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYPlCy3VRm6B6gIlCKKq4PApu41GFl3s98zE8kWkjL2pFcIXz10MqoE5eVcE7DaS2rdGnR81ZY8MFgHXEH4%2FaPbxnFC0vRgM3CZLhIiSZpJKE6Bkvyjwh1DWKwaLTJRkROE0El495so%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8341047ffc8635f8-FRA
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame F509 9 KB
9 KB 37ms
19ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1188778
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R84zBEMEc9JVLWoEu9oTEhtKLZL3RL%2F1MT2NRpu%2B9aFdgH3rTDNG4SCUspfWVm2e2sQOEN1e014e5JHhueGzHEfZSby2Ot4bS3VcEr9kp6Hm6RQKp5kPk7aTqzM6bWDFsVCPCTpisNehmC%2BC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83410480199e3835-FRA

GET
H2 200 279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame F509 22 KB
23 KB 35ms
17ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1194485
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 22596
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:47 GMT
server: cloudflare
etag: "80c578a48f16f48e135bcb3d2ea2c9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BKmMbJgQorK8AbwgSd0abEEXBpauC82MYaR86eZEEXqOUgb36wo%2FpTnfhrx3LNfSS0sejPuEEGThStT7kkP49it9R6kTy8k4tcv9TMot0olDcdlLJE5eBoJLsO5GrDvuPIubUiQyGum8Fv1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83410480199c3835-FRA

GET
H2 200 2aed39855b5f46b777481d90b61d111f
pv.medialead.de/trck/epv/ Frame F509 0
327 B 66ms
18ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneid13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9boneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720105030","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame F509 7 KB
7 KB 28ms
20ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 273959
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400
content-length: 6740
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:49:29 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BYkjD%2BuxTo%2FpLkFnu7lFiJZxQKeEsWRyvYJDRfxoCDx74vmjSebm%2BMgLELaONTcz4vYcgfvPIUFUBb8Atj6QyyW4qmpz245cXrJoSURzzSBx7evBfZ7dPhWXbFt29nRHBe05JBp%2F8wQmCf0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8341048019a03835-FRA

GET
H2 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame F509 26 KB
26 KB 26ms
18ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2665876
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26621
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:09:50 GMT
server: cloudflare
etag: "0a62ebe3b3faad549be8ad7d4386119f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BQVoieLN3J74U3yfGHNNEOyP0wk11mwk4DHIilOVb6fg9ikCcVHCX6ncCB%2B7oyxu0%2F1Vrgmv1RMkp8DCd8QJOCVlLnyMQjcO%2FBmXrma%2FUXVPHUgHfkeNzqdlSU2yEd7fKLQQrq7DetwX3bt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83410480199d3835-FRA

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame F509
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRGoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702332206_1c072226-9871-11ee-a9f2-22382f104756

43 B
1020 B

88ms
44ms

Image
image/gif

2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702332206_1c072226-9871-11ee-a9f2-22382f104756

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
p3p: CP="ALL CUR DEV PSA OUR IND STA"
cf-ray: 8341048399701987-FRA
x-xss-protection: 1; mode=block

Redirect headers

Date: Mon, 11 Dec 2023 22:03:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1702332206_1c072226-9871-11ee-a9f2-22382f104756
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 1AE0100679DEA6E9828359DAE5AB4B1AB525BBCDF569E1787E77DFD9660F62D2DF4AC066EB75440D95DA25F6D03F1BC74148475AEF4F371AA66ADFD1FA3DB542
assets.ad4m.at/logo/ Frame F509 28 KB
29 KB 28ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/1AE0100679DEA6E9828359DAE5AB4B1AB525BBCDF569E1787E77DFD9660F62D2DF4AC066EB75440D95DA25F6D03F1BC74148475AEF4F371AA66ADFD1FA3DB542
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0f5ca105c0dd7238152fd0c4eb909adf2470bb35797e74aeeb82f6efe1d5a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 270032
cf-polished: origFmt=png, origSize=51775
alt-svc: h3=":443"; ma=86400
content-length: 28956
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:42:55 GMT
server: cloudflare
etag: "45d997fbeb0b1a01c930edce3362ff44"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvJDH4PaYdcNDUkzjoc0kaPQE4U9EPyqFEv67b5ogbHL3GjIhqa95oJ3qmP9ZExfjr3E%2Fp5d4C1ZggQ5%2BTEi3tRPla%2BnLmyQOchKVqzBPj%2FqUyAONsbF2%2FWyopNrGCgbPz7No%2Fclba2GLQxM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83410480199f3835-FRA

GET
H2 200 4013933CDEDC7102075E0ACAB11A1F181544B574ABA13DF8D1F786921DBDE25A4D7B19D64182B83AD8E3064E11E94354EC5129747A977462AC4029E44CCF2920
assets.ad4m.at/ Frame F509 86 KB
87 KB 33ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4013933CDEDC7102075E0ACAB11A1F181544B574ABA13DF8D1F786921DBDE25A4D7B19D64182B83AD8E3064E11E94354EC5129747A977462AC4029E44CCF2920
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C29002%2C819&b=13ZsbfKfD47Xt9HdH9tAtb9rC2SKT7Mjf9b%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG%2C4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5&f=wA3SdfjfDQ58tEHRH2tEC867tzSATDzRTXj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP%2Cr2GcQf9fbbFAH7HjtJCq6bSYS8TKxdh1p&c=300&d=250&e=&g=c26784d8293e733d94adfb9ab67a9519%2F17440512243747516584&i=26474%2C25052%2C17775&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702332206004&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ks5vhz4mzpq4k4xesdksrenwnrc8qankwebhtfr5r5zrmkr9e274c75z0vwzkespvvw5h0mw7xz8dav91yv97xz44t1zkqchzrvyjmhd0xnk1qy0wm32dds4y5cb4pbaqaywx5ndsdj2btn3t9r7edgrvq6wdh9cn4ph85xe2gk7hfz7t2602vganc5vb5y5hgvn053zda1rqmjkjgsdkd6yqhtta9h7qva2vjr22z3kc1xxv1gagpv5epr5qs0dh5wcbv14t17prgdfxyg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCgBJLLYd3ZczBFJeIsgee-4OIBZDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTE4NzA3NzU1MjYyMTUxMjbIAQmpAgcn2E1EB7I-qAMByAMCqgTiAU_QRUZcUh_MLjEkCctWgW-ooNMcu8Hb72IdmGkFkq0FDTa6btCj9d29wAtavu8BfSNaqiuGfKI5_CWrWutd8VgXcZ1E-JeRltkXbNOAYa5bpa1dZoZsNsUj5GlQcVWaLbfK3EcH-w1gbEzdT6UUEyH7VcV2_8j9Qu2-hWMb8SdhRGmUW8yP5VH2_EMhpa9weEg5JU7F_sVeJaiskJKsAoEeqVLeB2C2dqVy4WaKKlYb74d5gC6BzD3psAN7NWV-gC0Iz-NCI9O0XG4tBLuE1ZewipPacgcBJBI6Q6KB3mJFEFOABp6-hfn80dyG3QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0dSJ07GIgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zRKzmgCS17Xb3w07NziNoVZ9WYg%2526client%253Dca-pub-1870775526215126%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da65ecc845d49077b36941fd1c37e66f544e20188bd5861fd9193deaab62961

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 261336
cf-polished: origFmt=png, origSize=105062
alt-svc: h3=":443"; ma=86400
content-length: 88196
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 13:33:36 GMT
server: cloudflare
etag: "41509d71ed35ad54f2e0a11e6d168662"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPGsXjPJa4hWA24NMnW3KIKF94GDKKbWgoVz5WMKjvRQtf2p6VTNyurpTVakrWJTiB15L2ZOwnB8zKSMP0Yzy72mF%2Bk0%2BaxBiGuX8MKm4%2B7nD1K2dAbrbxVUyjGhbGm%2BwbvQGCvrTL9jOr%2Fo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8341048019a23835-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F509 43 B
705 B 83ms
60ms Image
image/gif 2.23.68.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3075674&v=11400&q=348971&r=412871&pv=1&pref3=oneid4rehEf5fQQFGH9HdtAtqG2SbSpTr6XuZ5oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-68-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: FreshStoreAva/1.0

Response headers

Pragma: no-cache
Date: Mon, 11 Dec 2023 22:03:26 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B5ED
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJnhu4LVRGKzC68L-KhfPBY&google_cver=1&google_push=AXcoOmSEFPEhY_7c34IyRtZhARyk1PWEHPFNO7zrB2x8FNCPhIzWjTTby_XCh1o32-fttRVDV-3-tT4KKpInyjTN5Doj_oVga5Rdm...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDUyOTg1MTE3ODM4OTAxMjI0Mg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJnhu4LVRGKzC68L-KhfPBY&google_cver=1

43 B
398 B

43ms
16ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJnhu4LVRGKzC68L-KhfPBY&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJnhu4LVRGKzC68L-KhfPBY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame B5ED 43 B
407 B 173ms
171ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEKzdx1MGtm4yvHHYKjRieAw&google_cver=1&google_push=AXcoOmTF6hIa1E56CNYZE4LBVLA_OtjIio_hoU1433QX2jWRaoq2omx_7Mm-knG-3Fp3u0BQuQUpQoy-iaqX03dLL612QsP4D0f6ETUklwYURT1eYDhCiOWPeLGLXBtl3G1DSEmbR6L7juleqnMcJceeUGd9H0w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTF6hIa1E56CNYZE4LBVLA_OtjIio_hoU1433QX2jWRaoq2omx_7Mm-knG-3Fp3u0BQuQUpQoy-iaqX03dLL612QsP4D0f6ETUklwYURT1eYDhCiOWPeLGLXBtl3G1DSEmbR6L7juleqnMcJceeUGd9H0w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 834104800d1818c1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5ED
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHV_PQUrv_Sk6CmIAc1eLfM&google_cver=1&google_push=AXcoOmS4tdk8SVJ-BwD_d-52LqjX8nas4b4FKd0hWK-5PgohMmCijGK7UDokOdNGypr3RF7u6Fggg7ROrI0o8T2cud20P3p6XWnA8s...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmS4tdk8SVJ-BwD_d-52LqjX8nas4b4FKd0hWK-5PgohMmCijGK7UDokOdNGypr3RF7u6Fggg7ROrI0o8T2...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmS4tdk8SVJ-BwD_d-52LqjX8nas4b4FKd0hWK-5PgohMmCijGK7UDokOdNGypr3RF7u6Fggg7ROrI0o8T2cud20P3p6XWnA8swnCTBRWK95AJqAJSo7RcISZ1tnKBmT9gr9yWsh5_GE9hObobL1fiN2aZE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 22:03:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAACB0D3F5F74FA09C494417A5431454&google_push=AXcoOmS4tdk8SVJ-BwD_d-52LqjX8nas4b4FKd0hWK-5PgohMmCijGK7UDokOdNGypr3RF7u6Fggg7ROrI0o8T2cud20P3p6XWnA8swnCTBRWK95AJqAJSo7RcISZ1tnKBmT9gr9yWsh5_GE9hObobL1fiN2aZE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 10 Dec 2023 22:03:26 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B5ED 70 B
148 B 32ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKRzaagiaUmmPpARAkVp-Jo&google_cver=1&google_push=AXcoOmSc8okGJaPN4Gjhbvkq-pFWJs6sPv9FOLXQyXVYetfCqy33Mwisw-xruIJURhXZZ4hshWTBnIG4WTK0HhlQXVmLzrpwxsgK8KHPgxq4F25m7VDoRh6ZUcNHhRPdjdWxyMweSZT2_B95f_UpU9DqbQk2uw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 451 466606.gif
id.rlcdn.com/ Frame B5ED 0
98 B 39ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTgxdxQSgysxpxVFCa8xqtfIt2C_GHKGIzGzy_1bKskjHsavk-yclMWKyyMl6Kcg_mwh4G6tP0Qw-3jKJVZzvAv4RWSEObGBsz9d7d62agmIYs2ue7_TZtwx0m2kss9zVqJkzliJ7TPSOc4Ie6IPUphALg&google_gid=CAESEAoSdBmBfHr5W_sbq2GdJZo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5ED
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEVQb0hwW4ejzNdXhRPZAzo&google_cver=1&google_push=AXcoOmRbU9QDu0mTIlMs7fPUo5bfSNiP83i-Cs_Hr_ms6DKE6icXLH9j6rnkx1jLZGn_Qow7RMlKEBEpDq4Vwmj7...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ahzSFCzZStgQvh3t5E3kbA&google_push=AXcoOmRbU9QDu0mTIlMs7fPUo5bfSNiP83i-Cs_Hr_ms6DKE6icXLH9j6rnkx1jLZGn_Qow7RMlKEBEpDq4Vwmj7N5brF0Li8-Uwe6K...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ahzSFCzZStgQvh3t5E3kbA&google_push=AXcoOmRbU9QDu0mTIlMs7fPUo5bfSNiP83i-Cs_Hr_ms6DKE6icXLH9j6rnkx1jLZGn_Qow7RMlKEBEpDq4Vwmj7N5brF0Li8-Uwe6KSOjqty8pvhsRCEJ2ElPv9l19Rp8SIscOfwHeTCRF3i5UN4x6RgO9eog

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Dec 2023 22:03:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ahzSFCzZStgQvh3t5E3kbA&google_push=AXcoOmRbU9QDu0mTIlMs7fPUo5bfSNiP83i-Cs_Hr_ms6DKE6icXLH9j6rnkx1jLZGn_Qow7RMlKEBEpDq4Vwmj7N5brF0Li8-Uwe6KSOjqty8pvhsRCEJ2ElPv9l19Rp8SIscOfwHeTCRF3i5UN4x6RgO9eog
x-host: tde-deliveryengine-production-699fcc6655-dhdxx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B5ED 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSlkz9HbzkHXXMuHjfLbOdWRQVM0-8QE1bHuRVgQcVFZvg7JNqfIg3aTCh10flmXrksTCuHYn3IPPX9qkXzsUDw2Z4oFqvrBWnyHxt6r-1wAAs4UbFHUcT0TJBZeeB41d-vZR4awnLtu5RpF36nPlJNRh8&google_gid=CAESEO3BzFuUlKX0DQZT51tWOnY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:25 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 280485
expires: Mon, 11 Dec 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B5ED 0
12 B 16ms
15ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1dx4Fb763HnMTNASHsjFnM3H5gonhSjqjYUctfyyrLGAFfTnAJ-UBYWa69NPSk0XZmQak

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1870775526215126&output=html&h=280&adk=4110419616&adf=1910187367&pi=t.aa~a.2047551317~rp.4&w=387&fwrn=1&fwrnh=100&lmt=1702332205&rafmt=1&to=qs&pwprc=2144566648&format=387x280&url=https%3A%2F%2Fwelovewolves.club%2F%3Fbypass-cdn%3D1&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702332205231&bpp=3&bdt=1473&idt=-M&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dbadde255f2211f2c%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ&gpic=UID%3D00000ce529b08e6d%3AT%3D1702332204%3ART%3D1702332204%3AS%3DALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg&prev_fmts=0x0%2C1200x280&nras=3&correlator=5599824519156&frm=20&pv=1&ga_vid=1719194481.1702332204&ga_sid=1702332204&ga_hid=1698558509&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1034&ady=520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079921%2C31079980%2C95320884&oid=2&pvsid=1761861794546958&tmod=647427898&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1761861794546958&bg=!GRqlGlXNAAY3kmNgF5I7ADQBe5WfOAVTE6Nkv5P8mZVeElS2x4dcdZchxGxW37FuqpK-pVRQDG4y4lZmX1P8-ch_6VJwAgAAALZSAAAAAmgBB5kCoDavA8VAbs0L1jxWH0yPJq8qpzmN7j4Go-cOZTizLRhkdAJ3uRiKbI70SVmTa3fXgGh_avKH566XrZeUshQezOlk0MI4k2obWgACHIRwgHA-PoOMOjqlCHVr9TGQQLaaZNoOs_CW__aFCXOQDppYAhNXC7RgHd2dPCIBnvm-1KNNVJMc7CTLiHP0w2ysaFHq438Mizvoa9z6kgp1Fl4KZri0dnBUkB43uQIXPufT0p_0X_cpRU1tTNGLy8GSWNfRlc_ttbh0MNqnVdN2DUX2uXvS5KcKx-MyOoCkEaTqCHDLTHXZDsOPQRhXOAL4lQ0v5vk_C6n2-EnVxAhHkYjcKo2Bfi8x-LXJe2b7wPpio-PgGkO53tlIx11FWKJe3c9qCIz4DC7GtdydHVQNZumzjuz42wOn7L6FDHzrw7c0_oQJZIfNXBmWw7h5Roo_z44LyWclM7CYGE-ie_Ns_8ymimfa08Tai5FNuxpU9w0kYjWDfSbpjhDkZbNuzCL4jXvmwjpVt7Y3b3d2-NSQOQ2CSiCehfnvD41C12x2y2rDPfVAl96-YNDyoqpBi0lfwWXFR-u5rkE9Vo4PHjs4nqYsoh_2lQMKtoG0cH580TrK25BV4IvyMNpxiWvHcAkhEaoaFUOCC8sj3BPbyCM7E0TJvjWne7p364RGibH4KhwSqA63qoQElODKdKocZTGCBFOA50y9BrYxxogihzkVi1G6jMX3n0a3dmCuD4yzUeDDpkQuUyE5uO1HEKBHA5SftVq3AgVa7PzGxbwdtKAr96_WV69vjklz4FPHP0_5z8DPWrirLHyL9AAoGzqEg-I5oL_SOwvLAo9iFRcr9aZnynHfoPHz4ID3QoSO4xP1YpiCAeCmg8XnCq8q9eJiWjL6s1N-3w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://welovewolves.club/
User-Agent: FreshStoreAva/1.0

Response headers

GET
H2 200 1000
pix.revjet.com/interaction/ Frame 16BF 43 B
169 B 30ms
29ms Image
image/gif 95.217.106.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=ec073e09e1fa210ac5217d1ef1c80044&__adt=8240604252559503735&__ade=1&vid=5104451964329528197&__clstampdif=112&__stamp=1702332206110
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.106.24 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.106.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 240096858_uc
cdn.revjet.com/s3/csp/1701857404766/ Frame 16BF 77 KB
78 KB 7ms
7ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1701857404766/240096858_uc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 Brigham City, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: f9a1c0f5d1cd22b59973e8f0e160d83469126e4a383a9fdf9961e7c702e1db4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

date: Mon, 11 Dec 2023 22:03:26 GMT
x-amz-version-id: inrS5Co2LJxjRywPyxPqImRdfZ5bRxCp
age: 39830
x-amz-request-id: YJYVC71091KGGRZ4
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 79340
x-amz-id-2: AkBi5x23+FQ9dMS6tIIgM3qemd24A2PiDt6NWQvXB514u/MJHXJppWNbrhRTY3OyE1Aw900kWcg=
last-modified: Wed, 06 Dec 2023 10:10:07 GMT
server: ECS (frb/67BE)
etag: "4ce288c3d0c6676c6a4149cb6ef26abf"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:03:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1F4 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb9B_eEFztG4x9NnNDaho5nIaYBqBVPbo_cFfT4LcNcS5hDdeJq4TOJbRpny0LKg6p5yzNRwlo163qoqL5-eudo-5lebVvcaguMRivYSRZfXbtH2Yx_2aGaJh28fiySdFV5Ww67olJ7JE1f5YxmwvVvPNi&sai=AMfl-YQtcHsZmvNBK9dvwRba35dm62Bj03JhYmIyrN3MP24RGGPc4JyQrcc3utUUnd1p5fTlpAp5oHf9ZPokYFsK_xcc8KEQ0jJV9q5x5UT9IFUGyze8_PGQgkbshl0tnEYGWeQvvasgW6v5teS2Bvhb&sig=Cg0ArKJSzGhAgUbh5pYvEAE&cid=CAQSTgDICaaNgsA84zmgkHEziPo4uBQI9tkJdUIStBuqGThrnV7GAk0qN2jUFUyIPvINT9ptuWsMcIyoTuk9QCQdBLpB8M_MmWWjxnMi4sg3yhgB&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702332205420&rpt=222&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8643 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvaqAaZgKUx4y9PjYQu1nuTgTi1g5ylTkV4hFBQq6Ag7En2ffAbCm60ru0yB6CJmrcmd-BEK9bFxLlBmnYvarxuMhVvFrYUDxjN2kryxxXdbYOGw_IguL7iYvPnx8Mg36pJqER11LK3-Uh42hGi5zF9-Y1&sai=AMfl-YTIr0_MqNpCGF__apbokYXxNz6ZF8doq1JcbBFGmiQUmjICwj6ipsqkdxzQg8ayf3CWL7H6rufTTSxnZlY4DF9hq_jEd173enScNzTa6ZJ5UaToMzpvOXj2tews_AHwpUJlXer-w6dJIVQ9V-IH&sig=Cg0ArKJSzNBTY5Pi0m7gEAE&cid=CAQSTgDICaaNgsA84zmgkHEziPo4uBQI9tkJdUIStBuqGThrnV7GAk0qN2jUFUyIPvINT9ptuWsMcIyoTuk9QCQdBLpB8M_MmWWjxnMi4sg3yhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=455,949,1000,1000,1000&tos=455,494,51,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702332205450&rpt=402&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 2494
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=762b3ac5-e219-4869-9045-5dac0d1fd7da&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=13132c1a-06e0-45c3-82d...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=48874735429f45ca919e37b6d0aa6510&tids=1&med=10

0
18 B

44ms
44ms

Image
text/plain

2a02:26f0:3500:1b::1724:a393
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=48874735429f45ca919e37b6d0aa6510&tids=1&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a393 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E305D31AF9404E539D7D47D354E242E4 Ref B: DUS30EDGE0311 Ref C: 2023-12-11T22:03:27Z
x-cdn-traceid: 0.93a12417.1702332207.acb3e6d
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 11 Dec 2023 22:03:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE099B17C1F44BC79AF0AFBBC97D2A55 Ref B: FRAEDGE1721 Ref C: 2023-12-11T22:03:27Z
x-cdn-traceid: 0.93a12417.1702332206.acb3de3
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=48874735429f45ca919e37b6d0aa6510&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 2494 0
551 B 14ms
14ms Ping
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwelovewolves.club&e=wqT_3QKfB-ifAwAAAwDWAAUBCK2O3qsGEPjTzajmhtmsDBgAKjYJD_wGt5D3nD8Ry9-Na7E8nD8ZAAAAYGZm8j8hyw0SBCkPDSTQMQAAAOBRuK4_MNv4pgM4tQFAtV5I4wNQuomKtgFYv7E9YABon6RUeKT0BYABAYoBA1VTRJIFBvBhmAHQAqABmAKoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAhlodHRwczovL3dlbG92ZXdvbHZlcy5jbHVigAMAiAMBkAMAmAMJoAMBqgOwAwrLAmh0dHAFL_CGd3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9MTMxMzJjMWEtMDZlMC00NWMzLTgyZGItMDc1NDViOWExNDJjJmJpZElkPTEmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5BVgYcHVibGlzaAUpLDE2MjY0NTMzMCZySZptALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YjYZAHhfcDJmX2NwX2kxJmFpZD0ke0FVQ1RJT05fSUR9JndwHRHwUlBSSUNFfRIFMTIwODUaEjg4OTg1MjU4NjE2OTE2NjMyOCIJMzgxODQ2NzE0KgRiaW5nOjRVMlZoY21Ob1FXUWpPREE0T0RNd01USXdPVE15TmpBERTwUnhPVEEzTkRBd01EQT3AA9gEyAMA2AMA4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6QXJYiAUBmAUAoAXDj5uaptqC2k_ABQDJBQAFARTwP9IFCQkFCzgAAADYBQHgBQHwBQj6BQQBWiiQBgCYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAQGJYOAGAfIGAggAgAcBiAcAoAcByAek9AXSBw0VYwEmCNoHBgFesBgA4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=af29d50658a2f8783729c1a683235ca18fb2bbc3&type=pv&jm=1003&px=26&py=0&bw=336&bh=176&sf=1&sid=5784367971359917200&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=unknown&pl=unknown&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:27 GMT
an-x-request-uuid: cbba569c-9378-4462-846a-cffca33d5ed8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2494 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVDEqRfwFLtn5qyaHp3vozubcaJmPWpP2IUogEgF_xLA3jogquCA0eUfghAVWyKnAU01oBSZuVkpConjXYiouAoc2fHdbHl2aiwi5hdPHrOCxL0C1GYQ&sig=Cg0ArKJSzJBnZS-F26nKEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4110419616&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702332205871&rpt=193&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8643 0
22 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=729924016837&version=m202309260101&ct=77&x=1&cor=263009624836499260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:03:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 900
pix.revjet.com/interaction/ Frame 16BF 43 B
169 B 29ms
29ms Image
image/gif 95.217.106.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/900?__ads=ec073e09e1fa210ac5217d1ef1c80044&vid=5104451964329528197&__adt=8240604252559503735&__ade=1&latent=0&vis_type=8&__stamp=1702332207128
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.217.106.24 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.106.217.95.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: FreshStoreAva/1.0

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Dec 2023 22:03:27 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:35:24	Name: userId Value: aP0MoXXgLRnCCYpcIudR_GQJsX-0SZ5L
.welovewolves.club/	1970-01-20 16:53:38	Name: _gid Value: GA1.2.361710279.1702332204
.welovewolves.club/	1970-01-20 16:52:12	Name: _gat_gtag_UA_100410125_1 Value: 1
.welovewolves.club/	1970-01-21 02:28:12	Name: _ga Value: GA1.1.1719194481.1702332204
.welovewolves.club/	1970-01-21 02:13:48	Name: __gads Value: ID=badde255f2211f2c:T=1702332204:RT=1702332204:S=ALNI_MZ3sidO1CurDP3w0VnRC3dukhM4QQ
.welovewolves.club/	1970-01-21 02:13:48	Name: __gpi Value: UID=00000ce529b08e6d:T=1702332204:RT=1702332204:S=ALNI_MYZhIcIWALtxhgGxu2ZuvB79l1GUg
.casalemedia.com/	1970-01-20 19:01:48	Name: CMPS Value: 2157
.casalemedia.com/	1970-01-21 01:37:48	Name: CMID Value: ZXeHLSDUVcVy34E9zAv9GwAA
.casalemedia.com/	1970-01-20 19:01:48	Name: CMPRO Value: 2157
.doubleclick.net/	1970-01-20 16:52:15	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:13:48	Name: IDE Value: AHWqTUkPQaN-rXywDSS0ig8dH29uyh9b2bTYhMDApSi8Rf0StDTPXllgu-FGiq2B4nI
.simpli.fi/	1970-01-21 01:39:14	Name: suid Value: DAACB0D3F5F74FA09C494417A5431454
.doubleclick.net/	1970-01-20 17:35:24	Name: ar_debug Value: 1
.revjet.com/	1970-01-21 02:28:12	Name: trx Value: 5104451964329528197
.revjet.com/	1970-01-20 16:53:38	Name: ads Value: ec073e09e1fa210ac5217d1ef1c80044
.bing.com/	1970-01-21 02:13:48	Name: MUID Value: 0E05FFD045576EF916DEEC3444856F5A
.welovewolves.club/	1970-01-21 02:28:12	Name: _ga_RJ1MXGPJPF Value: GS1.1.1702332203.1.0.1702332206.57.0.0
.travelaudience.com/	1970-01-21 02:23:53	Name: _tracker Value: %7B%22UUID%22%3A%226A1CD214-2CD9-4AD8-10BE-1DEDE44DE46C%22%7D
.awin1.com/	1970-01-20 16:55:05	Name: awpv11400 Value: 412871\|1702332206\|1be06040-9871-11ee-9488-2234841a3abe
.tribalfusion.com/	1970-01-20 19:01:48	Name: ANON_ID Value: alnt6ZatZdPuem7SpBmPo7VqsF6nsBZbxj3hUvRaT4MvcpcTGjHWNWHiXVZaXrTMxJZaycZcxkkJff6vsXiUUcG6sdrHeXYkOl
.turn.com/	1970-01-20 21:11:24	Name: uid Value: 4529851178389012242
.awin1.com/	1970-01-20 17:02:17	Name: awpv11420 Value: 412871\|1702332206\|1c072226-9871-11ee-a9f2-22382f104756
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 392147:2524318
.freenet-mobilfunk.de/	1970-01-20 17:02:17	Name: VPCommission Value: 41006061
.freenet-mobilfunk.de/	1970-01-20 17:02:17	Name: eventid Value: 11420_412871_1702332206_1c072226-9871-11ee-a9f2-22382f104756
.freenet-mobilfunk.de/	1970-01-20 17:02:17	Name: subvpid Value: 412871
.freenet-mobilfunk.de/	1970-01-20 16:52:14	Name: __cf_bm Value: IS3k2nIG5Lsu4AUnb7UDd825aWUnM7jXPerN5sql6f8-1702332206-1-ATv3iox2vJ22AwBRx8dLr9q1b4GEEnxz3edLZy42jk1YoYLoGgjYy0zgohac/G03L8yeaUnY/MTiiEOAm2q48bc=
.freenet-mobilfunk.de/	1969-12-31 23:59:59	Name: _cfuvid Value: dwhd1BuaC37zuZdWS0sM9r2JoL4_mTRHLQ27v1PQWFo-1702332206696-0-604800000

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmTgxdxQSgysxpxVFCa8xqtfIt2C_GHKGIzGzy_1bKskjHsavk-yclMWKyyMl6Kcg_mwh4G6tP0Qw-3jKJVZzvAv4RWSEObGBsz9d7d62agmIYs2ue7_TZtwx0m2kss9zVqJkzliJ7TPSOc4Ie6IPUphALg&google_gid=CAESEAoSdBmBfHr5W_sbq2GdJZo&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.revjet.com
ads.travelaudience.com
adsdk.microsoft.com
ams3-ib.adnxs.com
as.ad4m.at
assets.ad4m.at
cdn.adnxs.com
cdn.revjet.com
cm.g.doubleclick.net
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
match.adsrvr.org
pagead2.googlesyndication.com
pix.revjet.com
pixel-sync.sitescout.com
prod-rtb.ad4mat.net
pv.medialead.de
pvx.freenet-mobilfunk.de
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
s0.2mdn.net
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
um.simpli.fi
welovewolves.club
www.awin1.com
www.bing.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
142.250.185.98
15.197.193.217
172.217.16.134
172.217.18.2
178.250.1.9
185.89.210.122
185.89.210.244
192.229.233.6
2.19.244.218
2.23.68.89
2001:4860:4802:34::36
213.239.199.234
2400:52e0:1e00::1081:1
2600:1901:0:76b9::
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:4400::ac40:9b32
2606:4700::6812:19ad
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2006
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:400c:c09::9b
2a02:26f0:3500:1b::1724:a393
2a02:fa8:8806:21::1720
35.157.253.10
35.190.0.66
35.204.158.49
35.244.174.68
46.228.164.11
91.121.248.44
95.217.106.24
98.98.134.243
06a4985ddeefbd112b1f64b1db40a32f7a1b22fddf810aa12ae57ebfaca8fcb3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb91d1ee79bb03fcc0e6f6368bfe3450d59208d9739f8fd486ae98ce280d29b
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1ee696a7f7a7a0401e2e3a1f81fd8e8e6e4a1c875eda791e81cb42a6a98c4f87
2da65ecc845d49077b36941fd1c37e66f544e20188bd5861fd9193deaab62961
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33132c478940a5b241e07cdb26d0f28c6cfb17d17c0276cd87ea3863cb2a3dde
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3362ad234c6da8ce5f7db4d53504f1b909c258b2028abdb6709c6a14df627138
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b87aaf942758a5e007daa885d0e92fd189f5da0eb5135395e7d9c11e6b907a0
3ba56d2d49f34187487e370afc0207fa941eaf8586b6c39cb390e70b54fca447
3e1406c94587637a7460b7a2089dc1db426ce759c728f4a5479215e1f9360a8b
3ef37de34244f627f95f6478562a1153c64bdfd03a51125a0e4ee7654f10582b
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44ae8b0cf4590c4d2ed6a9b82c402524cb4de5a7b5c27682b1bfe178da1d7088
45405dbece10ad1479f7862b51c195cce298d4ccd440d71b2838027f824bd218
45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71
48106a711ba6b8469395c27723713c37f2076fbb68e3c6a458f0647bced65c38
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51ac6181d4f3f2c537c5761f642158c593b61f0fbb57675ba1340603f148cbdf
52d31d5bd42c6229d751ffc9e98da72a7f74f8793eb16a9ff5cbc02aa6b13477
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
5366cb9693295f3a5b3139c2019e453ce7b13618768cfd53f534135bfb95d9bb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60fed3181b6988afdf2820001db18b9ebde443b9899fc4e89c6ae5c6bf6bdd33
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
650786bcf4f941b13370042a766dbbd1995e3524e0046b620c29deb379fa65ef
6521ed5ca6b8cb0dbf0fb8571e37b8497cb888005c615bbb0b0d3f83fa7449d7
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
6f7cbe6a6a0350070440a0c5cc0ac998bf39c62fa63b65ec995a86279a42daa1
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fa321029f9d5ba45d5a1b9d153e47006c0f28000a8c42109d88f412bbba0f05
900c064667e28c705ad2be69c21d56ae970546beab96bd721a85a27eea62fb43
90aa8105602fac230b09110c709bec96885e62bdcbfa876d1d2b6fa4e694a883
93eab9366d31cc71d2a27c14b0b2946e8fdaac0973d6841a4111a241b91a189a
9849846c7a01fd5f4bfa25977c5b71e9c0cb5c6641ce4ba87f17d883cde4fa82
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a18847464e3aaf21065e9e7ffce0cf2ec5ac03c9799a6ed0d0463c96d9f9b9cb
a2592b93b5f78c6fea9afe7755e9c68ce5a4497f7f6f508339bb4f78a0bced38
a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f
a2e1e1d8f6d2d84122d848d7db02a324a80b4a40c4c892b3d653ade0a177fd27
a7c5e3b9bd5fab03d8efdf7885f4fbd4c2bafdafc35bcaa97291e823d641d270
a8f924bbc3f381636d98cfff0cb411053b4bbbf78ada2b499f8ef8f087c7b179
a911d00cf9bae444cd4c844a65fca6e8d079337a0456e36dedc5a6e7cf636a26
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
afe89fe2627e2661d781a84f97d6756b1c3918e34c1c19602192ffbd96d14c8e
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35f4e21f3254008cb06cf756ce16f29a6f30df77c3129ac4ada5dfe46ccd1f2
b496fae0bf22e95b2ff8eb5477cb418c118245ac7e9a042dc5bac4a59e7ec249
ba13b618463e362fb4ae8739f0c2e1897b93fb491872aaaaf3528e6fb2d52b76
be62dcd9be0d9bc619ea4b12d44e7ac1da40db23011580272cf0129a3226de9c
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c3958950542c3d4350757a80f8b16785b6b72aafcccaa6deca82bb70b8be692e
c49ea72eb719dc487321fbf87c2f54313d67fabad62f9cb7cbe66700eeb1216b
c50cef0534fcc9f901046ad6c0dffe00209ffbe4319e019fb960a262a6b2ec71
c59e045f05274327afab76d3338e31e5ae5ac357ba4428c9d81b95eb395c06f1
cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d1be5c00c4748de2de674b71af59a7cf0060673953caee9d24e3826d4cc40fe6
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d6689f5194509eaf1423dab888f54a0b30278820c9272e7e5849d7e046689cc7
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
dd824ca47370640d99212636ddd97cbe07c530e398ee7806fef090abbdb8b433
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e89ea0d080365119977aa1b54759cdbf8c2010746cfcecb1960be67abae7c78d
e99bcf98f47326f9a0b5c74930d797a3d3e3a1491ae4d698d62ccb7e1025c397
ea0f5ca105c0dd7238152fd0c4eb909adf2470bb35797e74aeeb82f6efe1d5a9
eb1c6dfc10537497d3a4a7481eb85b9fca99fb72a39ce04c4b04c2a1561e3cd5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ee945c54dff07802e81a7d57d7cb271e7b7deaeb9c868594ccefe22cfa19ac82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
f0125e3b0134cc123d18987c208c2266ad12de3f298c91ec7a40b38b9d25f3c5
f13b1f1ccb620c828ce5c2e97a86c492f47b744a6fbf92fa07c34a50eb0d2945
f6925c37beb5cd101abb3f8c2d87b58915fda304a97ef6ec978eb1ec471c60d3
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f9a1c0f5d1cd22b59973e8f0e160d83469126e4a383a9fdf9961e7c702e1db4c

welovewolves.club Open in urlscan Pro 2400:52e0:1e00::1081:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

204 Requests

93 %HTTPS

53 %IPv6

31 Domains

47 Subdomains

42 IPs

9 Countries

4979 kBTransfer

8319 kBSize

28 Cookies

5 Outgoing links

Redirected requests

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

welovewolves.club Open in urlscan Pro
2400:52e0:1e00::1081:1 Public Scan

Screenshot
Live screenshot

Full Image

204
Requests

93 %
HTTPS

53 %
IPv6

31
Domains

47
Subdomains

42
IPs

9
Countries

4979 kB
Transfer

8319 kB
Size

28
Cookies

204 HTTP transactions
-1 data transactions